Threat Intelligence Feeds for Novel Corona virus (COVID-19)

3 Likes

April 23rd 2020

The content has been updated as mentioned below: 

Scan Titan Feeds as on 21st April 2020 has been updated.
Covid related MITRE Content has been updated to lookup in the Active lists.
Saved searches and Search Filters from SOC Prime has been added.
Active list has been changed from Event Based to Field Based.
Geo Communications Dashboard has been added.
Correlation rules has been tuned further.

2020-04-23 12_41_42-ArcSight Command Center.jpg

April 5th 2020

The content for ArcSight has been created by leveraging the Threat Feeds available from Scan Titan and Anomali.

These Threat Feeds consists of Host Names, IP Address, Domain Names, Email Address, URL’s, Subject Line, HASH, Encryption Types comprises of up to 15000 Indicators of compromise.

With ArcSight ESM this content can be leveraged or added to other existing COVID-19 ArcSight Contents.

2020-04-08 17_04_21-ArcSight Command Center.jpg

2020-04-08 17_04_07-Inbox - pavan.raja@microfocus.com - Outlook.jpg

2020-04-08 17_03_47-ArcSight Command Center.jpg

2020-04-08 17_03_36-ArcSight Command Center.jpg

2020-04-08 17_03_11-ArcSight Command Center.jpg

This content will be updated with more use cases in the coming days.

For feedback please reach out to me on my email PAVAN.RAJA@MICROFOCUS.COM

Labels:

Other
Support Tips/Knowledge Docs
User Group
Support Tip
Related
Recommended