Network Utility
Using Network Utility, you can retrieve network-related data of IP addresses and domains from the threat intel applications that are integrated with CFTR. Some of the examples of threat intel applications are:
Virus Total
X-Force
Shodan
CTIX
Whois
To access Network Utility, go to Menu > Network Utility. The Network Utility page displays the details of the top 10 searches under the Recent Searches section.
Retrieve Network Data
To retrieve the network-related data of an IP address or a domain, enter the IP address or domain name in the Type a Domain or IP text box and press Enter. CFTR displays the intel data of the IP address or domain that is retrieved from the threat intel applications. On the left pane select an application to view the intel data retrieved from the selected application. CFTR automatically formats the retrieved data up to the second level and displays them in a tabular view. Click the Raw Data tab to view the retrieved data without formatting.
Note
The Intel Enrichment section displays only the threat intel applications that are configured in Orchestrate.