LookingGlass Cyber

An Indicator is an Intelligence Object sharing many Relationships with other objects.

According to STIX Version 2.1, Indicators contain a pattern that can be used to detect suspicious or malicious cyber activity. For example, an Indicator may be used to represent a set of malicious domains.

Relationships from the Indicator can describe the malicious or suspicious behavior that it directly detects (Malware, Tool, and Attack Pattern). In addition, it may also imply the presence of a Campaigns, Intrusion Sets, and Threat Actors, etc. (Reference: STIX Version 2.1)

___________________________________________________________

<a href="https://support.lookingglasscyber.com/en/articles/6182752-scoutthreat-creating-an-indicator-object" target="_blank">Creating an Indicator Object</a>

<a href="https://support.lookingglasscyber.com/en/articles/6182760-scoutthreat-deactivating-and-sharing-an-indicator-object" target="_blank">Deactivating and Sharing an Indicator Object</a>

- <a href="https://support.lookingglasscyber.com/en/articles/6182752-scoutthreat-creating-an-indicator-object" target="_blank">Creating an Indicator Object</a>
- <a href="https://support.lookingglasscyber.com/en/articles/6182760-scoutthreat-deactivating-and-sharing-an-indicator-object" target="_blank">Deactivating and Sharing an Indicator Object</a>

<a href="https://support.lookingglasscyber.com/en/articles/6177471-scoutthreat-user-documentation-table-of-contents" target="_blank">scoutTHREAT User Documentation Table of Contents</a>

scoutTHREAT - Indicator Objects Overview

LookingGlassCyber.com

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you