We are excited to announce that the June 26, 2022 release of Mission Center gives you the ability to export IOCs (indicators of compromise) into CSV format.
Mission Center enables companies to collaborate on and share cyber threat information via threaded discussions. These discussions are the place to share IOCs and strategic on how to address threats.
The secure collaboration portal already provides robust functionality for programmatic extraction of cyber threats. This new enhancement provides the IOCs in accessible, plain-text format, making it easier to act upon uncovered forensic data that could indicate malicious activity on a system or network.
You will see the new CSV icon at the bottom of the Threat Summary action bar.
Clicking the CSV icon will download a file named <threadName>_<dateTime>_iocs.csv.
The CSV will contain all IOCs found in the thread along with the following information:
Type (string) –the type of IOC (Domain, URL, Hash, etc)
Value (string) – the IOC (acme.com, http://www.acme.com/bad/page, etc)
Sightings (numeric) – the number of times the IOC has been sighted
False Positive (true/false) – if the IOC has been marked as a false positive