Working with indicators

Kaspersky CyberTrace uses the Elasticsearch database to store the indicators of compromise (IOC) from the threat intelligence feeds. This database contained in the Kaspersky CyberTrace distribution package.

On the Kaspersky CyberTrace web user interface you can select the Indicators tab. This section allows you to do the following:

FalsePositive and InternalTI suppliers

The FalsePositive and InternalTI suppliers are built-in Kaspersky CyberTrace suppliers that you can add indicators to:

Page top