Indicators

The Indicators tab provides the ability to search for stored public and private threat intelligence indicators that are deemed most relevant to incident response (for more information, see Intelligence).

An indicator describes a pattern of behavior or a set of conditions which indicate malicious behavior. Some indicators are more indicative than others of malicious behavior, so knowing exactly which bad behaviors an observable (such as a domain or an IP address) is exhibiting can help an incident responder decide what to do next.

Indicators

The Public indicators are displayed by default. Click Private in the upper right corner to display the list of private indicators.

From the Indicators tab, you can perform the following tasks: