DomainToolsIris#
DomainToolsIris_AddRiskyDNSTag#
Author: DomainTools
License: AGPL-V3
Version: 1.0
Supported data types:
- thehive:case_artifact
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A
Description#
Add Tag saying that the case contains a risky DNS.
Configuration#
| high_risk_threshold | Risk score threshold to be considered high risk. |
|---|---|
| Default value if not configured | 70 |
| Type of the configuration item | number |
| The configuration item can contain multiple values | False |
| Is required | False |
DomainToolsIris_CheckMaliciousTags#
Author: DomainTools
License: AGPL-V3
Version: 1.0
Supported data types:
- thehive:case_artifact
Registration required: N/A
Subscription required: N/A
Free subscription: N/A
Third party service: N/A
Description#
Add Tag saying that the observable and case have a malicious tag in their Iris Tags.
Configuration#
| monitored_iris_tags | Monitored Iris tags. |
|---|---|
| Default value if not configured | N/A |
| Type of the configuration item | string |
| The configuration item can contain multiple values | True |
| Is required | False |