Cyren Inbox Security
Cyren Inbox Security Pack.#
This Integration is part of theSupported versions
Supported Cortex XSOAR versions: 6.0.0 and later.
Cyren Inbox Security is an innovative solution that safeguards Office 365 mailboxes in your organization against evasive phishing, business email compromise (BEC), and fraud. This integration imports incidents from Cyren Inbox Security into XSOAR, and includes a playbook for incident resolution. This integration was integrated and tested with version 1.0 of Cyren Inbox Security
#
Configure Cyren Inbox Security in CortexParameter | Description | Required |
---|---|---|
Server URL | The endpoint provided by your Cyren Representative. (use "sample" to test) | True |
Client ID | The client iD provided by your Cyren Representative. (use "sample" to test) | True |
Client Secret | The client secret provided by your Cyren Representative. (use "sample" to test) | True |
First fetch time | 1 day, 2 days, etc... | False |
Maximum number of incidents per fetch | False | |
Incident type | False | |
Fetch incidents | False |
#
CommandsYou can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
#
cyren-resolve-and-remediateresolve a case and remediate incidents
#
Base Commandcyren-resolve-and-remediate
#
InputArgument Name | Description | Required |
---|---|---|
case_id | case ID. | Required |
resolution | resolution. Possible values are: phishing, malware, clean, other. | Optional |
resolution_reason | the reason of the resolution. Possible values are: Identified phishing URL, Identified suspicious sender, Other, Scam, Spam. | Optional |
resolution_reason_text | free text for resolution reason. | Optional |
actions | remediation actions to perform. Possible values are: MOVE_TO_SPAM, MOVE_TO_DELETED, ADD_BANNER, SOFT_DELETE, MOVE_TO_INBOX, REMOVE_BANNER. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Cyren.data.status | string | status of actions performed |
#
Command Example!cyren-resolve-and-remediate resolution=phishing resolution_reason="Identified suspicious sender" case_id="62877980-6ac7-4944-b3fa-62ddf628a0fe" resolution_reason_text="I think it is phishing" actions=ADD_BANNER,MOVE_TO_DELETED
#
Context Example#
Human Readable Output#
cyren-resolve-and-remediate results
status ok end of results
#
cyren-reset-sample-fetchresets integration to fetch a sample incident
#
Base Commandcyren-reset-sample-fetch
#
InputArgument Name | Description | Required |
---|
#
Context OutputThere is no context output for this command.
#
Command Example!cyren-reset-sample-fetch
#
Human Readable OutputA sample incident will be created on the next execution of system fetch-incidents command