alphasoc / flightsim

A utility to safely generate malicious network traffic patterns and evaluate controls.
https://alphasoc.com

IOC List #57

Closed bigverm23 closed 1 year ago

bigverm23 commented 1 year ago

Is there a list of IOCs I can use to make a rule for Elastic detection?

chrisforce1 commented 1 year ago

> Is there a list of IOCs I can use to make a rule for Elastic detection?

On the AlphaSOC side we maintain a Threat Intelligence Platform (TIP) which contains all of our indicators. The flightsim utility leverages an API which provides a sample of indicators for simulation and testing purposes, but not the comprehensive list. If you'd like to discuss commercial use of our intelligence, please email me via chris@alphasoc.com and we can figure out next steps.