PhishLabs EIR - IOC Feed

Version: 1.1
Updated: Jun 26, 2023

PhishLabs by Fortra is a cyber threat intelligence company that delivers Digital Risk Protection through curated threat intelligence and complete mitigation. PhishLabs provides brand impersonation, account takeover, data leakage and social media threat protection.

Actions

• List Incident Indicators (Enrichment) - Retrieve list of incidents and indicators within the feed.
• List Global Indicators (Enrichment) - Retrieve global list of indicators.

Configure PhishLabs EIR - IOC Feed in Automation Service and Cloud SOAR

Before you can use the integration, you must configure it so that the vendor can communicate with Sumo Logic. For general guidance, see Configure Authentication for Integrations.

1. Access integrations in the Automation Service or Cloud SOAR.
2. After the list of the integrations appears, search for the integration and click on the row.
3. The integration details will appear. Click on the "+" button to add new Resource.
   
4. Populate all the required fields (*) and then click SAVE.
   • Label. The desired name for the resource.
   • URL. Your PhishLabs EIR - IOC Feed API URL.
   • Username. Your PhishLabs EIR - IOC Feed Username.
   • Password. Your PhishLabs EIR - IOC Feed API Password.
     
     
5. Click TEST SAVED SETTINGS.
   
6. You should receive a successful notification in the bottom right corner.
   

Change Log

• March 14, 2023 - First upload
• June 26, 2023 (v1.1) - Removed unnecessary empty lines and other little changes