SRX

Expand all | Collapse all

Third Party SecIntel Feed - Microsoft Updates

  • 1.  Third Party SecIntel Feed - Microsoft Updates

    Posted 27 days ago

    Hello,

     

    Regarding information from the Juniper documentation on SecIntel feeds

     

    https://www.juniper.net/documentation/en_US/release-independent/sky-atp/topics/concept/sky-atp-integrated-feeds.html

     

    Does anyone know of feeds for Microsoft servers or CDNs that are associated with Microsoft products and their associated updates? Alternatively, are there any good repositories that may have feed URLs that can be referenced to try to find a corresponding feed for something that you might need? I can't seem to find any documentation on what kind of "feeds" these are and I haven't been able to turn up anything with searches on third party SecIntel feeds.



  • 2.  RE: Third Party SecIntel Feed - Microsoft Updates

     
    Posted 12 days ago
    Hi Greg,

    I too hit this when I was looking at SecIntel feeds, so I ended up writing a python script that pulls down the XML feed from Microsoft and converts it into a format that can be read by the SRX SecIntel module.

    It's an internal tool, but I'd be happy to give it a bit of polish and publish it online if it would be of use to anyone else?

    Let me know what feeds you want to see and I'll add them in.

    ------------------------------
    Cheers,

    Ben Dale
    JNCIE-SEC #63
    JNCIP-SP
    JNCIP-ENT
    JNCIP-DC
    ------------------------------