• Additional IOCs that are directly related to this one. These links are bidirectional, which relies on an automation tied to a hidden field: Related To.
  • A good example would be a piece of malware with the following attributes:

    • File name: malware.exe

    • MD5: a8f5f167f44f4964e6c998dee827110c

    • SHA1: 85136c79cbf9fe36bb9d05d0639c70c265c18d37

      Each of these items would be individual IOCs in the IOC Database, however, they are linked to one another. Note, linking in one direction automatically links in the other direction as well.

      Each of these items would be individual IOCs in the IOC Database, however, they are linked to one another. Note, linking in one direction automatically links in the other direction as well.