Build your first blocklist

A single video that walks you through the entire flow: create the EDL, configure threat lists and rulesets, generate the URL, and connect it to a firewall.

What you'll learn

How ELLIO threat lists, recon lists, and Common Business Services combine into a single EDL.
The role of inclusions vs. exclusions - and why exclusions always win.
Picking the right firewall format (Palo Alto, FortiGate, Check Point, F5, pfSense, OPNsense, Sophos, ntopng, Universal, or Traefik).
Where to find the generated EDL URL and how often it refreshes.

Companion docs

Creating Your First Custom Blocklist - the written reference, with the full table of supported firewall formats.
Traefik Middleware Plugin - if you want a code-driven proxy integration instead of a firewall fetch.
Blocklist Automation API - programmatic management for everything you saw in the UI.

Next video

Continue to Sentinel TAXII end-to-end to learn how the same threat data flows into Microsoft Sentinel via TAXII 2.1.

What you'll learn​

Companion docs​

Next video​

What you'll learn

Companion docs

Next video