Global IoC Block List

With Check Point Infinity IoC, SOC teams actively manages IoCs globally, ensuring that every IoC you choose to enforce applies across all Check Point products, including Harmony Email & Collaboration.

For example, if you add a URL to the global IoC blocklist, it will flag as malicious any emails, Teams messages, and clicks on rewritten links that contain this URL.

For information about IoC Management, see Infinity IoC Administration Guide.

Accessing Global IoC Block List (Infinity IoC)

To access the global IoC block list directly, click this link: https://portal.checkpoint.com/dashboard/xdr-xpr/xdrxpr#/ThreatCloudIOCMgmt.

For information about accessing global IoC block list and about the supported geographical regions, see Infinity IoC Administration Guide.

Managing IoCs and IoC Feeds

You can manage IoCs globally in two ways:

• Individual Management - SOC teams actively search for incidents or suspicious events and manually adds IoCs to enforce globally.

• Integration with 3rd Party IoC feeds - Connect to an IoC feed your SOC team is subscribed to. This integration automatically enforces all IoCs received from the feed for your Harmony Email & CollaborationAdministrator Portal.

For information about managing IoCs and IoC feeds, see Infinity IoC Administration Guide.

Note - Harmony Email & Collaboration supports only URL and Domain type of IoCs through IoC Management.