This is the page used to configure the IoC services utilized by PhishTrace. It specifies which features will be activated for each service. Additionally, for services that require an API key, the necessary information is entered.
The operations performed by IoC services consist of scans for SERVER DOMAIN, SERVER HOST, SERVER IP, BODY URL, BODY DOMAIN, BODY IP, FILE CONTENT, FILE HASH SHA1, FILE HASH SHA256, and FILE HASH MD5.
Each IoC service has its own settings, as marked in the visual.
Scope defines the options to be used for the specific service.
Tag Threshold determines how many sources must detect a malicious element for the service’s tag to be added during the IoC scan. These sources are those utilized by the IoC service.
Outcome refers to the messages generated by the IoC service once the scan is completed.
Keys, some services, such as Virus Total and Meta Defender, operate using an API key. This section is where the API keys are entered.
Enable Local Cache is a method used to reduce usage on IoC services that have quota limits. Malicious elements are cached and stored in the database for 2 weeks, while clean email scans are cached for 1 week.
Check Configurations button performs a health check for the IoC services.