03-Dec-2022 03:12
Dear Experts,
I am searching around if F5-DNS or AFM is capable of receiving threat intelligence in real-time from TAXII servers related to private community or ISAC?
I need more information about F5 capablities to integrate with threat intelligence even with o
Regards,
Muhannad
07-Dec-2022 09:13
Hi @Muhannad - I see nobody has answered you yet, so I've shared the link to your question with a colleague who may be able to help. Can you elaborate on your last sentence, though? It looks incomplete.
"I need more information about F5 capablities to integrate with threat intelligence even with o" <--?
Leslie
08-Dec-2022 14:47
I don't know enough about taxii, but it appears to communicate RESTfully. I am digging into this, but do you happen to know what sorts of things a taxii sends? Is the expectation that it programs a deny-list in real time? Is the expectation simply IP blocking (AFM) based on threat intelligence? Can taxii host a deny-list? If so, AFM / AWAF can be programmed to consume that in an automated fashion..