Indicator Types - Threat Intel Management Guide - 6.5 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Threat Intel Management Guide

Product
Cortex XSOAR
Version
6.5
Creation date
2022-09-29
Last date published
2023-12-12
End_of_Life
EoL
Category
Threat Intel Management Guide

Indicators are categorized by indicator type, which determines the indicator layout (fields) that are displayed and which scripts are run on indicators of that type.

The following is a list of some of the indicator types.

  • IP Address

  • Domain

  • URL

  • File

  • Email

  • Host

  • CIDR

  • Attack Pattern

  • Threat Actor

  • Intrusion Set

  • Malware

  • Campaign

  • Tool

  • Report

  • Course of Action

  • Infrastructure

  • Registry Path

  • CVE CVSS Score