When creating IOC Scan tasks, consider the following IOC file requirements and limitations:
The file available from the link below contains a table with the full list of IOC terms of the OpenIOC standard that are supported by the Kaspersky Endpoint Detection and Response solution.
DOWNLOAD THE IOC_TERMS.XLSX FILE
Features and limitations of the application’s support for the OpenIOC standard are shown in the following table.
Features and limitations of support for OpenIOC version 1.0 and 1.1.
Supported conditions |
OpenIOC 1.0:
OpenIOC 1.1:
|
Supported condition attributes |
OpenIOC 1.1:
|
Supported operators |
|
Supported data types |
|
Features of data type interpretation |
The The application supports interpretation of the OpenIOC 1.0: Using the
OpenIOC 1.1: Using the Using the The application supports interpretation of the |