This Flow allows you to monitor all the traffic from your firewall by correlating it against a table that contains malicious IP addresses. If there is a match, Flow will generate an enriched event that will be logged in a designated my.app table. From this new table, you can take further action by creating detection rules to identify threats that put your organization at risk.

Table of Contents:

00:00 Introduction

00:24 The use case

00:48 The Generator unit

01:03 The Devo Full Query unit

02:29 The Devo Source Unit

02:43 The Lookup unit

03:20 The Devo Sync unit

In the following link, you will find everything you need to know about this use case and how to create it in Flow: https://docs.devo.com/space/latest/95215607

For more videos on Devo Flow: https://www.youtube.com/playlist

Visit us online to keep up to date with the latest content: https://linktr.ee/TheDevoPlatform