The Active Indicators search tool allows for filter-based searches of threat indicators by data type, threat class/property, and data provider. The indicator data returned from a search is displayed on the Active Indicators page. The returned indicator search data can also be exported in CSV, JSON, and XML formats. Active indicators searches have a return limit of 1000 records. In cases where all active indicator data is needed, it can be pulled via the API using a CURL Command. The Active Indicators tool is available to subscribers of BloxOne Threat Defense Business On-Premises, BloxOne Threat Defense Business Cloud, and BloxOne Threat Defense Advanced packages.
Note | ||
---|---|---|
| ||
SURBL Multi - FRESH Domains Feed BloxOne Threat Defense subscribers can obtain SURBL data as RPZ feeds and can also query the indicators via Dossier. The ability to query SURBL indicators using Active indicators or with the TIDE API requires an additional subscription to the SURBL Multi - FRESH Domains Feed. |
Viewing Active Indicators
...