cancel
Showing results for 
Search instead for 
Did you mean: 
viresh_sec
Level 7

"Cyber Threat feed" feature of ESM (Enterprise security Manager) with help of manual upload of IP Addresses or domain names

I want to use "Cyber Threat feed" feature of ESM (Enterprise security Manager) with help of manual upload of IP Addresses or domain names. What are the steps to do it ? If IOC files are only option to upload for backtrace to work then how can I create IOC files using my list of IP addresses or domain names ?

0 Kudos
3 Replies
sssyyy
Level 12

Re: "Cyber Threat feed" feature of ESM (Enterprise security Manager) with help of manual upload of IP Addresses or domain names

If you want to manually upload IP address or domain names, why not use watchlist?

0 Kudos
viresh_sec
Level 7

Re: "Cyber Threat feed" feature of ESM (Enterprise security Manager) with help of manual upload of IP Addresses or domain names

I know I can upload IP Addresses and domain names using watchlist. I want to learn how can I use Cyber threat feed using manual upload feature which is available there. How can I convert feeds into IOCs (Indicators of compromise) in STIX (Structured threat information expression) format which is only acceptable format for manual upload.

0 Kudos
abanaru
Level 11

Re: "Cyber Threat feed" feature of ESM (Enterprise security Manager) with help of manual upload of IP Addresses or domain names

0 Kudos