Cybersixgill automatically collects intelligence in real time on all items that appear in the underground sources which we monitor. Using various rules and machine learning models, Cybersixgill automatically correlates these intelligence items with predefined organization assets and alerts users in real time of any relevant intelligence items.
The integration focuses on retrieving Cybersixgill's Actionable Alerts as incidents.
Fetch Incidents & Events
- Navigate to Settings > Integrations > Servers & Services.
- Search for Cybersixgill.
- Click Add instance to create and configure a new integration instance.
| Parameter | Description | Required |
| --- | --- | --- |
| client_id | Cybersixgill API client ID | True |
| client_secret | Cybersixgill API client secret | True |
| threat_level | Filter by alert threat level | False |
| threat_type | Filter by alert threat type | False |
- Click Test to validate the URLs, token, and connection.
You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
Updates the existing actionable alert status.

| Argument Name | Description | Required |
| --- | --- | --- |
| alert_id | The alert ID to update. | Required |
| alert_status | The new status. | Required |
| aggregate_alert_id | The aggregate alert ID. | Optional |
There is no context output for this command.
Contact us: firstname.lastname@example.org