IOFA Exports provides Enterprise customers with centralized access to all Indicators of Future Attack (IOFA) data. It allows you to view, download, and automate the export of high-confidence future-threat indicators through a single, convenient interface.
This feature enables you to consolidate IOFA data with a single download, set up automated, recurring updates, and easily integrate the latest indicators into your security tools and workflows.
Prerequisites
An API key is required to access and export IOFA data. For setup instructions, refer to the Knowledge Base.
How to Access IOFA Exports
From the navigation menu, select Defend > Data Export.
Click the Category button at the top of the page
Select IOFA Exports
What You’ll See in IOFA Feeds
Information Type | Description |
|---|---|
Name | Name of the feed |
Observables | Total number of observables (indicators) in the feed |
Observable Type | Type of data in the feed (e.g., domain, IPv4, etc.) |
Resource Type | How the feed was created (Manual, URL, etc.) |
Owner | Name of the feed owner |
Description | Description added by the creator |
Tags | Tags and labels assigned for additional context |
How to Export IOFA Data
Automate Export (API Endpoint)
Locate and click on your desired IOFA feed
Click Automate Export
Choose your preferred format/method:
Copy the API Endpoint (time-limited URL valid for 3 hours)
Use the provided code snippet to integrate into your automation scripts or security tools
Manual Download
Locate the desired feed
Click Download File
Select the required file type and download