Skip to content

ThreatResponse#

ThreatResponse#

Author: Cisco Security
License: MIT
Version: 1.0
Supported observables types:
- domain
- filename
- fqdn
- hash
- ip
- url
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description#

Threat Response

Configuration#

region Threat Response Region (us, eu, or apjc). Will default to 'us' region if left blank
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required False
client_id Threat Response Client ID
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
client_password Threat Response API Client Password
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
extract_amp_targets Would you like to extract AMP connector GUIDs as artifacts?
Default value if not configured N/A
Type of the configuration item boolean
The configuration item can contain multiple values None
Is required False

Templates samples for TheHive#

No template samples to display.


Last update: October 16, 2020 10:16:05