Cybersixgill Actionable Alerts
Cybersixgill Actionable Alerts Pack.#
This Integration is part of theCybersixgill automatically collects intelligence in real-time on all items that appear in the underground sources which we monitor. By using various rules and machine learning models, Cybersixgill automatically correlates these intelligence items with pre defined organization assets, and automatically alerts users in real time of any relevant intelligence items.
The integration will focus on retrieving Cybersixgill's Actionable Alerts as incidents
#
Use CasesFetch Incidents & Events
#
Configure Cybersixgill on XSOARParameter | Description | Required |
---|---|---|
client_id | Cybersixgill API client ID | True |
client_secret | Cybersixgill API client secret | True |
threat_level | Filter by alert threat level | False |
threat_type | Filter by alert threat type | False |
#
Fetch incidentsYou can execute these commands from the XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
#
output#
CommandsYou can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
#
cybersixgill-update-alert-statusupdates the existing actionable alert status
#
Base Commandcybersixgill-update-alert-status
#
InputArgument Name | Description | Required |
---|---|---|
alert_id | The alert id to update. | Required |
alert_status | The new status. | Required |
aggregate_alert_id | The aggregate alert id. | Optional |
#
Context OutputThere is no context output for this command.
#
Additional InformationContact us: support@cybersixgill.com