PhishingIndicator(indicator_type=None, value=None, source_key=None, normalized_indicator_score=None, original_indicator_score=None)¶
Models a PhishingIndicator.
- indicator_type – The type of the extracted entity (e.g. URL, IP, …)
- value – The value of an extracted entity (e.g. www.badsite.com, etc.)
- source_key – A string that is associated with the closed source providing context (e.g. ‘virustotal’, ‘crowdstrike_indicator’)
- normalized_indicator_score – The normalized score associated with a context entity
- original_indicator_score – A score given to the indicator by its original source
Creates a phishing indicator object from a dictionary.
Parameters: phishing_indicator – The phishing indicator dictionary.