Data Export Features
The Data Export module is a centralized location to export threat indicator data to various locations.
Data Export contains five features that fulfill different customer needs:
Organization Exports: View all custom feeds created and pushed by your organization from the Feed Scanner, and implement automated feed exports or downloads.
Bulk Data Exports: Access large files of threat indicators that are hosted in AWS. You can manually download bulk files for offline analysis, or automate the download to keep periodic data feeds current. Ideal for retrieving comprehensive snapshots of threat data at regular intervals.
IOFA Exports: View all available IOFA feeds in one location and access IOFA data through a single download option. Ideal for streamlining the inclusion of IOFAs into your current workflow.
Archive Exports: Access and download archived threat indicator data, including domains and IPs associated with specific campaigns or threat actors. Ideal for retrieving historical threat data for analysis.
IP Context: View detailed context for IP addresses, including observable counts, along with download credit costs and creation dates. Useful for gaining insights into IP-related threat data.
Benefits
We developed the Data Exports module to enable customers to export our threat intelligence data from our platform to a different environment. Use Data Exports for:
Centralization and Clarity: Bulk Data Exports, IOFA Exports, and Organization Exports are all in one module, which helps you quickly retrieve specific types of threat indicator data.
Flexibility: The Data Exports module supports both one-time downloads and ongoing, automated feeds, catering to customer needs for ad-hoc analysis and continuous monitoring.
Enhanced Threat Response: Automated exports ensure that the latest threat indicators are always available to customers, which supports faster detection and response. Customers can also download data manually, which provides flexibility to archive data snapshots or perform in-depth offline analysis.
Streamlined Integration: Multi-language code snippets further ease integration into diverse environments. Pre-built code snippets, such as cURL, Python, and PHP, enable security teams to quickly integrate data feeds into their existing security stacks.