Views:

Apex Central provides different ways to protect against suspicious objects not yet identified within your network. Use the User-Defined Suspicious Object list or import indicators from OpenIOC or STIX files to take proactive actions on suspicious threats identified by external sources.

Feature

Description

User-Defined Suspicious Objects list

The User-Defined Suspicious Objects list allows you to define suspicious file, file SHA-1, IP address, URL, and domain objects that your registered Virtual Analyzer has not yet detected on your network.

Supported managed products that subscribe to the Suspicious Object lists can take action on the objects found in the list to prevent the spread of unknown threats.

For more information, see the following topics:

STIX file list

The STIX file list allows you to import Structured Threat Import Expression (STIX) files and extract suspicious file SHA-1, IP address, URL, and domain objects to the User-Defined Suspicious Object list.

For more information, see the following topics:

OpenIOC file list

The OpenIOC file list allows you to import OpenIOC files and extract suspicious file SHA-1, IP address, URL, and domain objects to the User-Defined Suspicious Object list.

For more information, see the following topics: