To add a bundle or target to your policy first go to Policies > Edit in your admin portal
Now go to the Target Bundles or Individual Targets tab > click on the target/bundle you want to add > click Add > and Save the policy when you're done
Some handy features to know:
(1) You can customize the RPZ action in DNS Defense policies. Usually ThreatSTOP default is the safest though.
(2) You can click on the names of targets/bundles in the bottom right to jump straight to selecting them.
(3) For targets you can see which bundles they're in already. If you have the bundle you don't need the target.
(4) Confidence is basically how unlikely it is you'll see a false positive from this policy.
(5) You can add your own white/blacklist targets via User Defined Lists which are connected to the policy here.
Comments