Skip to content

ThreatResponse#

ThreatResponse#

Author: Cisco Security
License: MIT
Version: 1.0
Supported observables types:
- domain
- filename
- fqdn
- hash
- ip
- url
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description#

Threat Response

Configuration#

region Threat Response Region (us, eu, or apjc). Will default to 'us' region if left blank
Default value if not configured __
Type of the configuration item string
The configuration item can contain multiple values False
Is required False
client_id Threat Response Client ID
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
client_password Threat Response API Client Password
Default value if not configured N/A
Type of the configuration item string
The configuration item can contain multiple values False
Is required True
extract_amp_targets Would you like to extract AMP connector GUIDs as artifacts?
Default value if not configured False
Type of the configuration item boolean
The configuration item can contain multiple values False
Is required False

Templates samples for TheHive#

No template samples to display.


Last update: November 15, 2021 06:39:13