AutoFocus Tags
AutoFocus tags group a set of conditions that, when
found together, indicate certain malicious behaviors or actors.
Tags show you when an individual sample is part of a larger threat—like
a malware family or a threat campaign—or is a trademark of a malicious
actor. Tags can help you gain a larger context surrounding malicious
activity, and gives you a way to further investigate the scope of
that activity.
You can create your own tags, and the Unit 42 threat research
team shares threat intelligence with the AutoFocus community through
official Unit 42-issued tags. Unit 42 also verifies threats discovered
by third-party individuals and organizations and creates tags for
these threats.
Create
Alerts based on a tag to be notified each time AutoFocus™ detects
new samples that match the tag conditions, allowing you to take
quick action to remediate possible threats. And when you search
based on tags, you’ll be able to find all samples that match the
tag conditions.
See the following topics for details on tags, how to create your
own tags, and how to see tags shared by Unit 42 and other AutoFocus
users:
