Hi

Upon checking the IOC tab i can see Mandiant Open Source Intelligence feeds , how can i call these feeds when trying to build a YARA L rule ,
i want to create an alert where traffic towards these IOC's that are allowed needs to trigger an alert  and send it to SOAR .

error is this 

Also i can see this info from entity summary using Virus total , does that mean i can use this info in building YARA L . I am not sure if we have enterprise edition of VT or not ?