Block malicious indicator identified by Email Security

This topic describes an automation that adds a malicious URL identified by the Email Security blade as an indicator to an IOC feed. It helps update threat intelligence and enhance security response.

This automation adds the malicious URL identified by Email Security as an indicator to an IoC Feed, updating threat intelligence and enhancing security response.

Supported Product

  • Email Security

  • IoC Management Management

Parameters

Expiration in days (0 means no expiration)

Set the expiration period for the automation

Trigger

Matching phishing URL identified by Email Security blade with high confidence.

To view the example of this log, click Run.

Flow