Threat Classification Guide

The Threat Classification Guide provides an online reference available within the Infoblox Portal defining the common threat intelligence data classification groups and the specific properties for the groups. 

Viewing the Classification Guide

To view the online Classification Guide, perform the following:

1. From the Infoblox Portal, click Monitor > Research > Resources. 
2. On the Resources page within the Infoblox Portal, click Classifications Guide in the top menu.  See screenshot, encircled item 3 for additional information.

Image: The Classification Guide page.

On the Threat Classification Guide page, an alphabetized list of threat classification groups along with their properties is displayed. Clicking onthe down-pointing arrow icon associated with a threat classification group will expand a panel displaying information on the property, and a description for the selected threat class. Clicking on the up-pointing arrow icon will minimize the panel. 

Threats are classified according to their type. The guide utilizes the following classification types: 

• Suspicious 
• Uncategorized Threat
• Undefined
• Allow List
• Reserved. The "Reserved" type applies to Class and Property descriptions where the records or data detected are from a domain resolving to a Bogon IP address which has been externally pulled from the Bogon data or feeds.

You can also perform the following background tasks on the page:

• View background tasks: Click the hourglass icon to open the side panel displaying a list of all running background tasks. 

• Global Search: Enter the search criteria or value that you want to search for in the Search text box. Recent Searches: Click the search icon to perform a global search. The Infoblox Portal displays the list of records that match the keyword in the text box.  The search panel includes information on recent searches  including tool information, console messages, and information on recent domain searches.