Viewing Threat Intelligence External Sharing

  • Versão de lançamento: Australia
  • Atualizado 12 de mar. de 2026
  • 1 min. de leitura

    • Threat intelligence sharing provide a centralized view of various threat data sharing sources. The feature allows you to monitor the threat records that are being processed for intelligence sharing and manage the approval workflows for different types of intelligence data.

    This section describes the following:
    1. Outbound intelligence
    2. Inbound intelligence
    3. TAXII Collections

    Outbound intelligence

    Outbound intelligence refers to threat intelligence data that your organization shares with external entities.

    As a TISC analyst you can review the associated details such as templates, profiles, groups, sharing entity attributes, exclusion rules, and approve or reject them before into the organization's intelligence systems. For more information, see Exploring Outbound Intel Sharing.

    Inbound intelligence

    Inbound intelligence pertains to threat data received from the external sources. This section allows you to manage inbound intelligence data received from external systems.

    Inbound intelligence is a group of collections which contain threat intelligence observables, indicators, and other threat objects which are known as Inbound Intelligence Records.

    As a TISC analyst, you can review and approve or reject them before they are ingested into the organization's intelligence systems. For more information, see Exploring Inbound Intel Sharing.

    TAXII Collections

    Trusted Automated Exchange of Intelligence Information (TAXII) is a protocol used for sharing of threat intelligence. For more information, see Exploring TAXII Outbound Server.