Azure Security Center v2
Unified security management and advanced threat protection across hybrid cloud workloads.
JsonWhoIs
Provides data enrichment for domains and IP addresses.
Microsoft Graph Mail Single User
Microsoft Graph allows Demisto authorized access to a user's Outlook mail data in a personal or organization account.
PhishLabs IOC EIR
Get live feeds of IOC data from PhishLabs.
Tanium v2
Tanium endpoint security and systems management.
Azure Compute v2
Create and manage Azure VMs.
FireEye Helix
FireEye Helix is a security operations platform that integrates security tools and augments them with next-generation SIEM, orchestration and threat intelligence tools such as alert management, search, analysis, investigations and reporting.
Access Investigation - Generic - NIST
Investigates an access incident by gathering user and IP information, and handling the incident based on the stages in "Handling an incident - Computer Security Incident Handling Guide" by NIST.
PAN-OS - Block Domain - External Dynamic List
Blocks domains using Palo Alto Networks Panorama or Firewall External Dynamic Lists.
Convert file hash to corresponding hashes
Enables you to get all of the corresponding file hashes for a file even if there is only one hash type available.
Tanium - Get Saved Question Result
Uses generic polling to get saved question results.
Endpoint Malware Investigation - Generic
This playbook is triggered by a malware incident from an Endpoint type integration. The playbook performs enrichment, detonation, and hunting within the organization, and remediates the malware.
NIST - Handling an Incident Template
This playbook contains the phases of handling an incident as described in the Handling an Incident section of NIST - Computer Security Incident Handling Guide.
Prisma Cloud Remediation - AWS IAM Password Policy Misconfiguration
Remediates Prisma Cloud AWS IAM password policy alerts.
Prisma Cloud Remediation - AWS IAM Policy Misconfiguration
Remediates Prisma Cloud AWS IAM policy alerts.
NIST - Lessons Learned
This playbook assists in processing an incident after it occurs and facilitates the lessons learned stage.
FireEye Helix Archive Search
Creates an archive search in FireEye Helix, and fetches the results as events.
Tanium - Ask Question
Uses generic polling to get question results.