An External Dynamic List (EDL) is a customizable, dynamic threat feed designed to provide security devices (like firewalls, SIEMs, or endpoint tools) with up-to-date Indicators of Compromise (IOCs), such as IPs, domains, and URLs. Our platform allows users to bring their own threat lists, apply custom exclusion rules, and generate user-specific EDLs that are accessible via URL.
- Bring Your Own IOC Lists
- Custom List Combination
- Exclusion Logic
- No Authentication Required
- Navigate to:
Profile → Manage Organization → Manage Blocklist
- Click on "Generate New File"
- Have a name to your EDL
- Enter the details of IP address who can view this EDL.
- Choose one or more existing lists from "Select Lists for Blocklist".
- Apply optional exclusion filters:
- Ignore items from your organization’s whitelist
- Exclude specific IP ranges
- Save the list and copy the generated EDL link for External Integretion.
¶ 👁️ Visibility and Sharing
- Viewable via allowed IP
A user can only view or retrieve the EDL if their public IP address is explicitly allowed in the EDL configuration.
- Easily Shareable
Share your EDL link with security appliances, SOC teams, or partner systems to automatically ingest and enforce IOC.
- No Sign-In Required for Access
The EDL link is public (though unlisted), allowing seamless integration with firewalls or threat detection tools that cannot use authentication headers or tokens.