Sophos UTM: Decommissioning of obsolete URL categorization services CFFS. Click here for important info.

Building an advanced query 20 min

In this video we build a threat hunting query to search for Indicators of Compromise for Iranian threat actors.  The query creates a table then search across IP, Name, Domain, Port and Hash tables to find the threats.