Imperva Cyber Community

Dear all,

I've got an IOCs list of IP addresses from a threat intelligence source, which we would like to block their access to our web applications. How could I know if these IP addresses are already in the ThreatRadar - Malicious IP database or not? If not, we should create a blacklist to block these IP addresses.

Anyone has question similar to this before? 

Thank you.
#On-PremisesWAF(formerlySecuresphere)

------------------------------
Ken Chau
IT Manager
Central Hong Kong
------------------------------

Hi,

you can check the malicious IP from ThreatRadar on setup->global objects -> lookup data.



------------------------------
Karol Gruszczyński
IT Security Expert
Trafford IT
Warsaw
------------------------------

Original Message:
Sent: 07-19-2022 01:29
From: Ken Chau
Subject: Any way to check/list the IP addresses in ThreatRadar - Malicious IP database

Dear all,

I've got an IOCs list of IP addresses from a threat intelligence source, which we would like to block their access to our web applications. How could I know if these IP addresses are already in the ThreatRadar - Malicious IP database or not? If not, we should create a blacklist to block these IP addresses.

Anyone has question similar to this before? 

Thank you.
#On-PremisesWAF(formerlySecuresphere)

------------------------------
Ken Chau
IT Manager
Central Hong Kong
------------------------------