You can directly add suspicious objects or import suspicious objects contained in CSV, OpenIOC, and STIX files to the Suspicious Object List.
Procedure
- On the Trend Vision One console, go to .
- Click Add.The Add Suspicious Object screen appears.
- Select an object type or import file type from the
Method drop-down list.
Note
-
Wildcards (*) are not supported for domains, URLs, or sender addresses.
-
Trend Vision One extracts suspicious domains, file SHA-1, file SHA-256, IP addresses, sender addresses, and URL objects from imported files.
-
The maximum file size allowed for import is 1 MB. Each CSV or OpenIOC file can contain a maximum of 2,000 objects.
-
- Select a risk level.
- Specify the action or actions that connected products apply after detecting the object.
- Select an expiration option.
- Type a description.
- Click Submit.
Note
Connected products receive the new object information from Trend Vision One during the next synchronization.