Kyle Howson

RSA FirstWatch Feeds

Discussion created by Kyle Howson on Aug 4, 2016
Latest reply on Aug 8, 2016 by Kyle Howson

Hello,

 

Recently I've noticed that the threat source has disappeared 'rsa-firstwatch' and are left with only a threat desc of http://firstwat.ch/amgxxb or whatever it may be. In an attempt to filter through the noise, I tried to flag only on IOC's that provide a threat category and it seems as soon as you do this, you lose all firstwatch data feed information. Is there a reason that firstwatch isn't generating this meta or is there a meta I am missing?

Outcomes