Automatically collect and ingest open source IoCs

Includes rich context like threat actors, malware, vulnerabilities, and TTPs

AI Feeds

Continuously collect open source IoCs

AI Feeds are AI-powered queries that collect relevant actionable insights from the open web

Customize to threat actors, malware, etc.

Scan intelligence reports, news, advisories

Filter out false positives

👁 An AI Feed with a query built to track malware and indicators of compromise, with a preview of the 20 articles per week that show up for this query.

👁 A screenshot of an article. Feedly AI has identified 5 IoCs (2 hashes and 3 URLs) and 1 threat actor (Turla).

AI Insights

Automatically extract and enrich IoCs

Feedly AI automatically extracts, enriches, and links IoCs, TTPs, threat actors, malware, CVEs, etc., in machine readable formats

Ask AI

Associate IoCs with adversaries, TTPs, and malware

Synthesize up to 25 multi-language reports

Extract IoCs and related threat actors

Generate network relationship graphs

👁 A list of articles with an overlay titled “AI Actions” that says "Create a network graph showcasing the relationships between the IoCs (hashes), malwares, and threat actors". In the results, the AI action shows a detailed network graph with the requested relationships.

👁 Sopra Steria

“Extracting IoCs from a single article used to take 45 minutes, now it’s automated.”

👁 Image

Per Kroghrud

CTI Team Lead, Sopra Steria Scandinavia

STIX & MISP Export

Ingest IoCs with rich contextual data into your MISP or SIEM

Accelerate your analysis with context like related threat actors, malware, vulnerabilities, TTPs, industries, etc.

👁 A settings panel for configuring a Private MISP (Malware Information Sharing Platform) Feed, with options to include new malware, TTPs, source names, and Feedly AI tags, as well as the ability to add custom tags and a generated MISP Feed URL.

👁 A list of Feedly Threat Intelligence integrations, including: Anomali, Cortex XSOAR, CyWare, Microsoft Sentinel, MISP, OpenCTI, Splunk, Microsoft Teams, Slack, Microsoft SharePoint, Zapier, Buffer, Dropbox, and the Feedly API.

Integrations

Simple no-code integrations

Periodically ingest all the reports and artifacts collected into your MISP, SIEM, or other tool

Consolidate data into your tool of choice

Ingest IoCs from AI Feeds or curated Boards

Add static tags to trigger additional workflows

Explore more ways cyber security teams use Feedly to stay one step ahead

Track critical vulnerabilities

Monitor threat actor behavior (TTPs)

Identify cyberattacks in your industry

Collect IoCs

Get started

Start collecting enriched IoCs in minutes

Get started for free

No credit card required

URL: https://feedly.com/threat-intelligence/use-cases/collect-ioc