IOC Exporter
Overview
Indicators of Compromise (IoCs) are forensic data used to identify and respond to potential cybersecurity threats or breaches.
How to Use:
- Go to Apps
- Select WAF > Click Tools > IOC Exporter
- Configure the settings
- Click on Export
Description
Matched Rules
It displays the rules for which False Positive is generated.
Impacted URLs
It displays all matched URLs for the query.
Blocked Payload
It displays the payload matched for the query like Event Id, Variable, Content, Attack Type, Action.
We can further download all events matched based on the filter from the event page.