Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Threat Intelligence Overview

Look up your trusted threat intelligence providers for indicators of compromise to confirm the maliciousness of the reported event. Indicators of compromise include IP addresses, URLs, and file hash observed in the log data. What is considered malicious is based on available knowledge about the threat intelligence provider’s output.

Security Director Cloud Insights supports the following threat intelligence sources:

Source

Data

IBM X-Force

IP lookup and file hash

VirusTotal

File hash and URL lookup

OPSWAT Metadefender

File hash, URL lookup, and IP lookup

To access this page, select Juniper Security Director Cloud > Shared Services > Insights > Settings > Threat Intelligence.

Field Descriptions

Table 1: Fields on the Threat Intelligence Page

Field

Description

Source

Specifies the threat intelligence source.

Description

Specifies the corresponding API details configured for the threat intelligence source.

Test

Click to test the validity of the API key and check whether the Security Director Cloud VM can reach a threat intelligence source.

Related Documentation