Enrich McAfee DXL using 3rd party sandbox

Deprecated

Use "Enrich McAfee DXL using 3rd party sandbox v2" playbook instead

DEPRECATED. Use "Enrich McAfee DXL using 3rd party sandbox v2" playbook instead. Detonates a file in Wildfire and if malicious, pushes its MD5, SHA1 and SHA256 file hashes to McAfee DXL. Example of bridging DXL to a third party sandbox.

Dependencies

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks

This playbook does not use any sub-playbooks.

Integrations

  • McAfee DXL

Scripts

  • CloseInvestigation
  • Exists

Commands

  • dxl-send-event

Playbook Inputs


There are no inputs for this playbook.

Playbook Outputs


There are no outputs for this playbook.

Playbook Image


Enrich_McAfee_DXL_using_3rd_party_sandbox