Block malicious file indicator identified by Threat Extraction Endpoint Security
This topic describes an automation that adds a malicious file indicator identified by Threat Extraction Endpoint Security to an IOC feed to enhance threat intelligence and response.
This automation adds the malicious file indicator identified by Threat Extraction Endpoint Security as an indicator to an IOC feed, updating threat intelligence and enhancing security response.
Supported Product
-
Endpoint Security
-
IoC Management
Parameters
|
Expiration in days (0 means no expiration) |
Set the expiration period for the automation. |
Trigger
Matching malicious file indicator identified by Threat Extraction Endpoint Security with high confidence.
To view the example of this log, click ../running-automation/running-the-automation.dita.
Flow