Data Export

Updated
  • Updated on Sep 10, 2025
  • Published on Apr 14, 2025
  • 1 minute(s) read
Prev Next

Data export features

The Data Export module is a centralized location to export threat indicator data to various locations.

Data Export contains five features that fulfill different customer needs:

  • Organization Exports: View all custom feeds created and pushed by your organization from the Feed Scanner, and implement automated feed exports or downloads.

  • Bulk Data Export: Use to access large files of threat indicators that are hosted in AWS. You can manually download bulk files for offline analysis, or automate the download to ensure periodic contemporary data feeds. Ideal for retrieving comprehensive snapshots of threat data at regular intervals.

  • IOFA Exports: View all available IOFA feeds in one location and access IOFA data through a single download option. Ideal for streamlining the inclusion of IOFAs into your current workflow.

  • Archive Exports: This feature enables users to access and download archived threat indicator data, including domains and IP addresses associated with specific campaigns or threat actors. This is ideal for retrieving historical threat data for analysis.

  • IP Context: This feature provides detailed context for IP addresses, including observable counts. It includes download credit costs and creation dates. It is useful for gaining insights into IP-related threat data.

Benefits

We developed the Data Export module to enable customers to export our threat intelligence data from our platform to a different environment. Use Data Exports for:

  • Centralization and Clarity: Bulk Data Exports, IOFA Exports, and Organization Exports are all in one module, which helps you quickly retrieve specific types of threat indicator data.

  • Flexibility: The Data Exports module supports both one-time downloads and ongoing, automated feeds, catering to customer needs for ad-hoc analysis and continuous monitoring.

  • Enhanced Threat Response: Access to automated exports ensures that customers always have the latest threat indicators available, facilitating faster detection and response times. Customers can also manually download, which provides flexibility to archive data snapshots or perform in-depth offline analysis.

  • Streamlined Integration: Our addition of multi-language code snippets further helps integration into diverse environments. Pre-built code snippets, such as cURL, Python, and PHP, enable security teams to integrate data quickly into their existing security stacks.