Malware Hash Threat Feed
To add “EXTERNAL CONNECTOR”, we click on “External Connectors” under “Security Fabric” in the firewall menu and click on the “Creative New” button from the menu that appears.
We appear. We click on "Malware Hash" on the screen that appears.
We configure the screen that appears using the link provided by Abuse ch containing the Malware hash information and complete our process by clicking ok. bazaar.abuse.ch/export/txt/sha256/recent/
Our External Connector connection has been completed.
Then we click on Antivirus under “Security Profiles” in the firewall menu and edit the existing default policy from the screen that appears. or you can create a new one.
We activate the "Use external malware block list" button on the screen that appears and complete the process by clicking OK. Thus, the malware connector we added will be automatically recognized.
Do you know that you can try the scenario we explained in this article on your own computer by purchasing the EVE-NG FULL Package at labimage.com.tr?