End-of-Life (EoL)

Indicator Types

Indicator types are determined by searching for predefined regular expressions (regex) in the War Room or by user assignment.
Indicators are categorized by indicator type, which determines the indicator layout (fields) that are displayed and which scripts are run on indicators of that type.
The following is a list of some of the indicator types.
  • IP Address
  • Domain
  • URL
  • File
  • Email
  • Host
  • CIDR
  • STIX indicator types such as STIX Malware, STIX Report, etc.
  • Registry Path Reputation
  • File hash (such as SHA-1, MD5, etc)
  • CVE CVSS Score

Recommended For You