Help
FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
premchanderr
Staff & Editor
Staff & Editor

Created on ‎11-29-2023 11:51 PM

Article Id 286801

Technical Tip: IP Address Validation of FortiSIEM FortiGuard ThreatFeed Update

Description

 

This document describes why few IP Addresses are included/excluded in the Fortiguard Threatfeed List.

 

Scope

 

FortiSiem v6.x+.

 

Solution

 

To confirm the legitimacy of an IP address or a list, you need to validate in https://ioc.fortiguard.com/analyze-ioc, it is essential to log in with a Fortinet support account. This platform enables users to verify all details of specific IP addresses, assess their malicious potential, and obtain details such as risk score, live rating, and the source/ country associated with each IP address.


For users seeking a comprehensive list of threat feed IP addresses, this information can be obtained from the Fortinet Developer Network (FNDN) with a 'site toolkit' subscription. Details on this subscription can be found in the Fortinet Developer Network PDF.

It is important to note that without this subscription, extracting the list is not possible. However, there is an IOC license, the list can be extracted from the IOC list on the FortiSIEM.

 

Related document:

https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/Fortinet_Developer_Network.pdf

 

For further clarification on the IP address, contact the FortiGuard at https://www.fortiguard.com/contactus

1037
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.