Fortinet black logo

Cookbook

FortiGate Cloud-based IOC

Copy Link
Copy Doc ID 5be0d1a4-3f0d-11eb-96b9-00505692583a:270452
Download PDF

FortiGate Cloud-based IOC

Topology, FortiView, and automation support Indicators of Compromise (IOC) detection from the FortiGate Cloud IOC service.

FortiGate lists IOC entries on the FortiView pane, and uses the IOC event logs as a trigger for automation stitches. IOC and web filter licenses are required to use this feature. You must also enable FortiGate Cloud logging on the FortiGate.

To view compromised hosts, go to FortiView > Compromised Hosts. The IOC entries are displayed when the source is FortiGate Cloud.

You can also view the IOC entries in the FortiGate Cloud portal.

FortiGate Cloud-based IOC

Topology, FortiView, and automation support Indicators of Compromise (IOC) detection from the FortiGate Cloud IOC service.

FortiGate lists IOC entries on the FortiView pane, and uses the IOC event logs as a trigger for automation stitches. IOC and web filter licenses are required to use this feature. You must also enable FortiGate Cloud logging on the FortiGate.

To view compromised hosts, go to FortiView > Compromised Hosts. The IOC entries are displayed when the source is FortiGate Cloud.

You can also view the IOC entries in the FortiGate Cloud portal.