Forum Discussion
Defender Custom IOC Pre-Check
Hi guys,
So what would you suggest is the best way to check if Defender have coverage for certain identified IOCs(IP/Domain/URLs) before ingesting it into the custom indicator list? The goal is to not duplicate indicators that is already being detected by Defender.
1 Reply
- I was looking into myself and couldn't find anything. I suspect it's most likely built-in to Microsoft's threat intelligence
