Hi all!
I want to automate blocking some bad domains(@badDomain.xx) using API.
I have the QRadar. After the rule is triggered, qRadar should send the API script to IronPort using API, and "Reject" certain bad domain in "Sender Verification Exception Table".
I have not worked with the API before. Can you tell me which script I need to send from the qRadar to the IronPort?
I have Cisco ESA IronPort C600V.
Thanks al!