Threat Intel
The Threat Intel module includes various Indicators of Compromise (IOCs), such as IP address, domain, URL, hashes, and more. Threat Intel enables security analysts to view IOC details, manage, and enrich the IOCs. This enables security analysts to get valuable insights into the IOCs and perform threat analysis faster. Some examples of IOCs in threat intel are:
IP: 1.1.1.1, 168.192.0.1
Domain: cyware.com, google.com
URL: www.cyware.com, www.google.com
Hash: 8743b52063cd84097a65d1633f5c74f5, f0fda58630310a6dd91a7d8f0a4ceda2:4225637426
Note
You cannot manually add an IOC in Threat Intel. The IOCs linked with incidents, malware, vulnerabilities, and threat actors are listed under threat intel.