EDR: Which IOCs or queries are included in a specific Threat Intel feed?
search cancel

EDR: Which IOCs or queries are included in a specific Threat Intel feed?

book

Article ID: 289426

calendar_today

Updated On:

Products

Carbon Black Hosted EDR (formerly Cb Response Cloud)

Issue/Introduction

Is there anywhere in the EDR admin console where a list of IOCs or queries used by Threat Intel feeds can be viewed?

Environment

  • EDR Server: All versions

Resolution

  1. Navigate to the Threat Intelligence page.
  2. Locate the specific Threat Feed and click on "Threat Reports >>" at the bottom of the Threat Feed tile.
  3. A list of threat reports should be visible on the page to browse through, or the search bar at the top can be used to filter the display to specific reports
Powered by Wolken Software