New Blog Post | How to Use Threatview.io Threat Intelligence Feeds with Microsoft Sentinel

How to Use Threatview.io Threat Intelligence Feeds with Microsoft Sentinel - Azure Cloud & AI Domain Blog (azurecloudai.blog)

 

Threatview.io provides some excellent threat intelligence feeds that can be used with Microsoft Sentinel as external sources. The Threatview.io feeds are updated regularly – generated daily at 11PM UTC – so you can be sure that the most current indicators will be available.

 

The feeds are available from here: https://cda.ms/2mc

 

The feeds are provided as links to files in .txt format so you can use the externaldata operator for KQL to pull in the feeds in real-time for KQL queries.