FAQ about feeds (v0)
Frequently Asked Questions about Feeds.
Typically, when you do an initial feed search:
$ cif -q infrastructure/scan
the client sets the default confidence and severity to "95" and "high" respectively. e.g.
$ cif -q infrastructure/scan -c 95 -s high
These defaults are set both on the client and the server to:
Most of the threat intelligence that CIF is configured to pull in by default have a confidence of 85 and a severity of medium. For this reason, you may want try something like this:
$ cif -q infrastructure/scan -c 85 -s medium
Other CLI examples can be found in the wiki under Feeds -> Types