ThreatResponse#

Author: Cisco Security
License: MIT
Version: 1.0
Supported observables types:
- domain
- filename
- fqdn
- hash
- ip
- url
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description#

Threat Response

Configuration#

region	Threat Response Region (us, eu, or apjc). Will default to 'us' region if left blank
Default value if not configured	__
Type of the configuration item	string
The configuration item can contain multiple values	False
Is required	False

client_id	Threat Response Client ID
Default value if not configured	N/A
Type of the configuration item	string
The configuration item can contain multiple values	False
Is required	True

client_password	Threat Response API Client Password
Default value if not configured	N/A
Type of the configuration item	string
The configuration item can contain multiple values	False
Is required	True

extract_amp_targets	Would you like to extract AMP connector GUIDs as artifacts?
Default value if not configured	False
Type of the configuration item	boolean
The configuration item can contain multiple values	False
Is required	False

Templates samples for TheHive#

No template samples to display.