Hi Greg,
I too hit this when I was looking at SecIntel feeds, so I ended up writing a python script that pulls down the XML feed from Microsoft and converts it into a format that can be read by the SRX SecIntel module.
It's an internal tool, but I'd be happy to give it a bit of polish and publish it online if it would be of use to anyone else?
Let me know what feeds you want to see and I'll add them in.
------------------------------
Cheers,
Ben Dale
JNCIE-SEC #63
JNCIP-SP
JNCIP-ENT
JNCIP-DC
------------------------------
Original Message:
Sent: 11-02-2020 14:26
From: Unknown User
Subject: Third Party SecIntel Feed - Microsoft Updates
Hello,
Regarding information from the Juniper documentation on SecIntel feeds
https://www.juniper.net/documentation/en_US/release-independent/sky-atp/topics/concept/sky-atp-integrated-feeds.html
Does anyone know of feeds for Microsoft servers or CDNs that are associated with Microsoft products and their associated updates? Alternatively, are there any good repositories that may have feed URLs that can be referenced to try to find a corresponding feed for something that you might need? I can't seem to find any documentation on what kind of "feeds" these are and I haven't been able to turn up anything with searches on third party SecIntel feeds.