Threat Intelligence Feeds

  • Freigeben Version: Australia
  • Aktualisiert 12. März 2026
  • 2 Minuten Lesedauer

    • Use Threat Intelligence Feeds to add, edit, or remove Threat Intelligence feed data source.

    The data source feeds are available from the Threat Intel Catalog under Integrations section.

    The catalog for threat intelligence feeds is built to show the available feed data sources in the form of tiles and has the ability to filter, search, and navigate to the details of the source configuration and perform various actions.

    All Feeds

    The base system includes a series of cards for each of the feeds that you can enable and use.

    The Feeds can be viewed by navigating to Workspaces > Threat Intelligence Security Center > Integrations > Threat Intel Feeds > All Feeds.

    Threat Intelligence Feeds

    Actions on the All Feeds view

    The All Feeds section enables you to perform the following actions.
    Tabelle : 1. Actions on All Integrations view
    Action Description
    All Use this drop-down menu to filter feeds based on their current state. You can filter based on the following states:
    • All: Displays all the feeds on the page. This is the default option.
    • Enabled: Displays all the feeds that are in an enabled state.
    • Disabled: Displays all the feeds that are in a disabled state.
    • Draft: Displays all the feeds that are in a draft state.
    Card view Use this action to view all the feeds in the form of cards.
    List view Use this action to view all the feeds in the form of a list view.
    Refresh Use this action to refresh the page.
    Sort Use this action to sort all the integrations based on the following:
    • Last Modified (recent)
    • Last Modified (oldest)
    • Name (A-Z)
    • Name (Z-A)
    All items Use this action to filter and list the threat intelligence feed tiles by source type or feed type.
    Source Type:
    • Open Source
    • Other Source
    • Premium Source
    Feed Type:
    • CSV
    • Custom Feed
    • JSON
    • MISP
    • RSS
    • STIX HTTPs
    • Text
    Search in catalog Use this action to search for feeds based on the name and description within the catalog.

    Types of Threat Intel Feeds

    The following are the types of threat intelligence feeds which can be configured and enabled:
    Tabelle : 2. Threat Intelligence Feeds
    Type Description
    TAXII Feeds Feeds that are available as STIX/TAXII Collections format.
    STIX HTTPS Threat Intelligence feeds in STIX format that can be accessed through REST APIs on HTTPS protocol.
    MISP Feeds that are in the MISP Format Feeds.
    Text Feeds that are available as hosted files in text format.
    Hinweis:
    System will parse the files for URL, domain, file name, hashes, and IP address will only be extracted and no other observable types will be extracted.
    CSV Feeds that are available as hosted files in CSV format.
    Hinweis:
    System will parse the files for URL, domain, file name, hashes, and IP address will only be extracted and no other observable types will be extracted.
    JSON Feeds that are available as hosted files in JSON format.
    Hinweis:
    System will parse the files for URL, domain, file name, hashes, and IP address will only be extracted and no other observable types will be extracted.
    RSS Feeds that are available in RSS format. The application will store the data as RSS Feed Records.
    Custom Feeds that are configured using custom parsers.
    Hinweis:
    System will parse the files for URL, domain, file name, hashes, and IP address will only be extracted and no other observable types will be extracted.

    For the next steps in the procedure, refer to the respective section for configuring a each specific feed type. Threat Intelligence Feeds.