-
Go to Threat Intelligence > Custom Intelligence > STIX.
The STIX screen appears.
-
Click Import.
The Import Objects From STIX dialog appears.
- Click Select to locate a STIX file to import.
- (Optional) Type a description for this STIX file.
-
Click Import.
Note:
-
Only IP addresses, domains, URLs, file SHA-1 hash values, and file SHA-256 hash values will be added to the User-Defined Suspicious Objects list.
-
When using STIX 1.x, only Indicators whose Confidence is not Medium, Low, None, or Unknown will be added to the User-Defined Suspicious Objects list.
-
When using STIX 2.0, only "indicator" type objects that are not labeled as "anomalous-activity", "anonymization", "benign", or "compromised", and that are not revoked will be added to the User-Defined Suspicious Objects list.
-
The STIX file and object information can be shared as part of threat intelligence.
The objects appear in the User-Defined Suspicious Objects list. Registered appliances receive the updated User-Defined Suspicious Objects list during the next synchronization.
-
Views: