neil-unomaha / CIF_CYBR_8950

MIT License

Questions for Brian #13

Closed neil-unomaha closed 4 years ago

neil-unomaha commented 4 years ago

After reading the documentation for CIF version 4 and comparing it to CIF version 3, as well as playing around with CIF 4 in a test environment, we have a couple of questions related to usage and available functionality.

If possible, it would probably be most helpful if we sat down with you in person with our test environment handy. We imagine you could provide us with some helpful tips.

1. How do threats get ingested into CIF?
   - What is the command/process?
   - There is no documentation for the "Creating a feed parsing configuration file" section in CIF 4, but there is for CIF 3.
   - Does this mean the functionality does not exist?
2. For testing purposes, how can we ingest some threats into our test environment?
3. What is the existing CIF API for version 4? How do you use it?
   - Little documentation in CIF 4
   - More robust documentation in CIF 3
4. Outputting threat feeds: To confirm, this is done with the CIF CLI client, and you specify the desired options to get the desired output via the `cif` command. Is this accurate? CIF 4 docs