IBM Security Join our 16,000+ members as we work together to overcome the toughest challenges of cybersecurity. Join the Community
Hello Team,We want to compare multiple threat intel reponse on IBM resilient SOAR.So we installed AbuseIPDB fuction for SOAR and found that we should receive hit to the IP address from "IMB Xforce" and "AbuseIPDB" bothBut we recived hit only by AbuseIPDB and not from IBM X-froce.Kindly let us know how we can utilize this use case.Regards,Swapnil
You may go on XFE portal and check if the ip address has risk score greater than 4 (out of 10). Per investigation, having hit on that level would reduce alert fatigue.