ThreatResponse

ThreatResponse

Author: Cisco Security
License: MIT
Version: 1.0
Supported observables types:
- domain
- filename
- fqdn
- hash
- ip
- url
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A

Description

Threat Response

Configuration

region	Threat Response Region (us, eu, or apjc). Will default to 'us' region if left blank
Default value if not configured	N/A
Type of the configuration item	string
The configuration item can contain multiple values	False
Is required	False

client_id	Threat Response Client ID
Default value if not configured	N/A
Type of the configuration item	string
The configuration item can contain multiple values	False
Is required	True

client_password	Threat Response API Client Password
Default value if not configured	N/A
Type of the configuration item	string
The configuration item can contain multiple values	False
Is required	True

extract_amp_targets	Would you like to extract AMP connector GUIDs as artifacts?
Default value if not configured	N/A
Type of the configuration item	boolean
The configuration item can contain multiple values	None
Is required	False

Templates samples for TheHive

No template samples to display.

---

Last update: October 16, 2020 10:16:05