ThreatResponse#
ThreatResponse#
Author: Cisco Security
License: MIT
Version: 1.0
Supported observables types:
- domain
- filename
- fqdn
- hash
- ip
- url
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A
Description#
Threat Response
Configuration#
region | Threat Response Region (us, eu, or apjc). Will default to 'us' region if left blank |
---|---|
Default value if not configured | __ |
Type of the configuration item | string |
The configuration item can contain multiple values | False |
Is required | False |
client_id | Threat Response Client ID |
---|---|
Default value if not configured | N/A |
Type of the configuration item | string |
The configuration item can contain multiple values | False |
Is required | True |
client_password | Threat Response API Client Password |
---|---|
Default value if not configured | N/A |
Type of the configuration item | string |
The configuration item can contain multiple values | False |
Is required | True |
extract_amp_targets | Would you like to extract AMP connector GUIDs as artifacts? |
---|---|
Default value if not configured | False |
Type of the configuration item | boolean |
The configuration item can contain multiple values | False |
Is required | False |
Templates samples for TheHive#
No template samples to display.
Last update: November 15, 2021 06:39:13