Fortinet black logo

New Features

Trigger - FortiCloud-based IOC

Copy Link
Copy Doc ID 761d83e3-4a7b-11e9-94bf-00505692583a:590187
Download PDF

Trigger - FortiCloud-based IOC

This feature expands topology, FortiView, and automation to support Indicators of Compromise (IOC) detection from the FortiCloud IOC service.

FortiGate can now list IOC entries on the FortiView pane and use the IOC event logs as a trigger for automation framework.

FortiGate requires an IOC license and a Webfilter license to use this feature. In addition, you must enabled FortiCloud logging on the FortiGate.

To view compromised hosts, go to FortiView > Compromised Hosts. The IOC entries are displayed when the source is FortiCloud.

You can also view the IOC entries on FortiCloud portal:

Trigger - FortiCloud-based IOC

This feature expands topology, FortiView, and automation to support Indicators of Compromise (IOC) detection from the FortiCloud IOC service.

FortiGate can now list IOC entries on the FortiView pane and use the IOC event logs as a trigger for automation framework.

FortiGate requires an IOC license and a Webfilter license to use this feature. In addition, you must enabled FortiCloud logging on the FortiGate.

To view compromised hosts, go to FortiView > Compromised Hosts. The IOC entries are displayed when the source is FortiCloud.

You can also view the IOC entries on FortiCloud portal: