IBM Security QRadar SOAR

 View Only
  • 1.  Information About Default Threat Sources

    Posted Mon March 01, 2021 03:55 AM
    Hi all,

    We are using default threat sources like Virustotal, X-Force etc. but we have some questions about them;
    1. How can we know that which types of artifacts sends to threat source server. (Especially virustotal)
    2. Can we view or edit default threat source codes?
    We ask that because we don't want to send our internally URLs or email addresses to out of our network

    ------------------------------
    Burak Karaduman
    ------------------------------


  • 2.  RE: Information About Default Threat Sources

    Posted Tue March 02, 2021 04:17 AM
    Hi Burak,

    See https://www.ibm.com/support/pages/node/1163134 for the artifact types that the threat sources use.

    If you want to stop artifacts from being sent to threat sources then you can add those artifacts to an artifact type that the threat source does not support such as a custom artifact type.

    ------------------------------
    BEN WILLIAMS
    ------------------------------



  • 3.  RE: Information About Default Threat Sources

    Posted Thu March 04, 2021 01:24 AM
    Hi Ben,

    The link that you provided is enough for me. Thank you so much.

    ------------------------------
    Burak Karaduman
    ------------------------------