Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
TinTran
Explorer

Find a IOC in checkpoint database (malicious IP, domain)

Hi everyone. I have a question about IOC

Is there have any tool to check a IOC(like malicious IP, domain ) in database of Checkpoint Firewall. It is like virustotal check. The input is a malicious IP and the output will show this malicious IP already have in database or not.

Note: My goal is check malicious IP is exists or not and add them to custom policy if they not exist. 

Thanks !!!

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

If you have our XDR offering, you can query our database to get details about specific IPs/domains.
Outside of that, I don't believe we offer a mechanism.

In any case, if you have other sources you trust say something is malicious, you can add it to your own IoC Feed or Network Feed object, irrespective if it is in ThreatCloud.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events