Viewing indicators

The Indicators page of Kaspersky CyberTrace Web displays a table with the indicators of compromise. To access this page, you need to switch to the Data management mode.

The table with information about indicators contains the following columns:

• Type

  Type of the indicator. An indicator can be of several types (for example, IP and URL).

• Value

  Value of the indicator.

• Added on

  Date and time when the indicator was added.

• Last updated on

  Date and time of the latest indicator update.

• Tags

  The list of tags assigned to the indicator.

• Total tag weight

  The total weight of the tags listed in the Tags column.

• Suppliers

  Suppliers that contain the indicator.

• FP

  The (gray flag) icon to indicate that the indicator has been marked as a false positive.

  The table does not display indicators that are contained only in the false positives list (and were not added to Kaspersky CyberTrace from a feed, by using the REST API, or Kaspersky CyberTrace Web). You can separately manage indicators that are contained only in the false positives list.

If you perform a search for indicators, the table displays only the search results.

Below the table is the number of indicators returned after a search is performed. If you do not perform a search, the total number of unique indicators for all enabled suppliers is displayed. The table does not contain repeated indicator values, and corresponding suppliers are listed in the Suppliers column. Thus, duplications of indicator values are discarded from the total number.

Filtering indicators

You can filter indicators in the table by the following criteria:

• Type

  Select one or several types of the indicators.

• Total tag weight

  Specify the interval of total weights of the tags assigned to the indicators.

• Suppliers

  Select the suppliers that contain the indicators.

• FP

  Select either indicators marked or not marked as false positives to be displayed in the table. If the filter is not applied, all indicators are displayed.

To filter the table by criteria:

1. Click the (funnel) icon in the column that you want to use as a filtering criterion.
2. Specify the filtering condition.
3. If present in the window for specifying the filtering condition, click the Apply button.

The content of the table is updated so that it contains only the values that meet the specified conditions.

You can specify several filtering criteria.

By default, filtering conditions are not applied.

To remove a filter:

1. Click the (funnel) icon in the column that you want to stop using as a filtering criterion.
2. Click the Reset button.

The content of the table is updated so that it is not filtered by the removed filtering criterion.

Page top