Repository Details
This application allows you to:
- acquire ActiveTrust / BloxOne Threat Defense Cloud logs using the REST API
- filter them efficiently, with full drill-down support, by time, threat property, threat class, source IP, domain name, query type and much more
- summarize hits by IOCs
- get IOC context from Infoblox Dossier threat intelligence
- prioritize hits based on context
- search and pivot through threat intelligence based on the IOCs matched in DNS traffic

Mandatory requirement: ActiveTrust / BloxOne Threat Defense
Optional requirement: Dossier, for threat intelligence