TOPIC

IOC Enrichment

2 posts

DFIR Platform + TheHive: Automated IOC Enrichment for Case Management

Integrate DFIR Platform's multi-source IOC enrichment API with TheHive as a Cortex analyzer. Python code examples, architecture walkthrough, and step-by-step setup for SOC teams.

Apr 12, 202611 min read

SplunkIOC EnrichmentCustom Search Command+3

DFIR Platform + Splunk: IOC Enrichment via Custom Search Commands

Build a Splunk custom search command that enriches IOCs via DFIR Platform API. Includes Python code, commands.conf configuration, packaging as a Splunk app, and example SPL queries.

Apr 14, 202611 min read