Block malicious file indicator identified by Threat Emulation Endpoint Security
This topic describes the automation that adds a malicious file indicator identified by Threat Emulation Endpoint Security to an IOC feed for enhanced threat intelligence and response.
This automation adds the malicious file indicator identified by Threat Emulation Endpoint Security as an indicator to an IOC feed, updating threat intelligence and enhancing security response.
Supported Product
-
Endpoint Security
-
IoC Management
Parameters
|
Expiration in days (0 means no expiration) |
Set the expiration period for the automation. |
Trigger
Matching malicious file indicator identified by Threat Emulation Endpoint Security with high confidence.
To view the example of this log, click ../running-automation/running-the-automation.dita.
Flow