How to upload Indicators of Compromise (IOC) list to Email Security.cloud

search cancel

How to upload Indicators of Compromise (IOC) list to Email Security.cloud

book

Article ID: 419269

calendar_today

Updated On:

Products

Email Security.cloud

Issue/Introduction

The Indicators of Compromise (IOC) api can be leveraged by using any API query tool to upload/download the IOCs identified by your organization.

This article is designed as quick start guide and more detailed information about the different header and error codes can be found in the Indicators of Compromise (IOC) guide here:

Resolution

Upload Indicators of Compromise (IOC)

1. POST using https://iocapi.emailsecurity.symantec.com/domains/global/iocs/upload?api-list-action=MERGE

2. Add your IOC list in csv format (attached to this KB as well)

3. Set the headers

4. Set your authentication credentials

5. Run the api command to upload the IOCs in the csv file used in step#2.

Feedback

thumb_up Yes

thumb_down No