You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We can currently resurrect existing retired IOCs imported via https://threatkb.inquest.net/#!/import. This is a feature request to add an option to retire imported IOCs if they exist in ThreatKB and are in "Released" state.
Ability to quick filter for key timestamp fields on indicators (evaluate as "if (date_now) > the timestamp field"):
Expiration timestamps
Next review on timestamp
This applies to indicators (C2 IP, C2 domains).
The text was updated successfully, but these errors were encountered:
@PhilOrdo We reviewed this a bit with @dcuellar322 and next steps that could move this ahead are to basically provide an input file, like what we'd use in this use case, and pass that over to David as an example of the workflow and for him to test with locally.
We can currently resurrect existing retired IOCs imported via https://threatkb.inquest.net/#!/import. This is a feature request to add an option to retire imported IOCs if they exist in ThreatKB and are in "Released" state.
This applies to indicators (C2 IP, C2 domains).
The text was updated successfully, but these errors were encountered: