Are IoC's integrated automatically? From which sources are these taken from?
The system focuses on generic pattern (general characteristics and abnormalty) and less on so-called "Indicators of Compromises". In addition, a Threat Intelligence is maintained, in which IoC's or signatures are provided as an update (by manual analysis). Various sources such as recommendations from the Federal Office for Information Security or expert analysis are used for these updates.