Luminar IOCs & leaked credentials
This Integration is part of the Luminar IOCs & leaked credentials Pack.

Supported versions
Supported Cortex XSOAR versions: 6.0.0 and later.
Cognyte is a global leader in security analytics software that empowers governments and enterprises with Actionable Intelligence for a safer world. Our open software fuses, analyzes and visualizes disparate data sets at scale to help security organizations find the needles in the haystacks. Over 1,000 government and enterprise customers in more than 100 countries rely on Cognyte’s solutions to accelerate security investigations and connect the dots to successfully identify, neutralize, and prevent threats to national security, business continuity and cyber security.
Luminar is an asset-based cybersecurity intelligence platform that empowers enterprise organizations to build and maintain a proactive threat intelligence operation, enabling them to anticipate and mitigate cyber threats, reduce risk and enhance security resilience. Luminar enables security teams to define a customized, dynamic monitoring plan to uncover malicious activity in its earliest stages on all layers of the Web.
This connector allows integration of intelligence-based IOC data and customer-related leaked records identified by Luminar.

Configure Luminar IOCs & leaked credentials in Cortex

Parameter | Description | Required |
---|---|---|
Luminar Base URL | Luminar Base URL | True |
Luminar API Account ID | Luminar API Account ID | True |
Luminar API Client ID | Luminar API Client ID | True |
Luminar API Client Secret | Luminar API Secret | True |
Trust any certificate (not secure) | Trust any certificate (not secure) | False |
Use system proxy settings | Use system proxy settings | False |
Fetch indicators | Fetch indicators | False |
Indicator Reputation | Indicators from this integration instance will be marked with this reputation. | False |
Source Reliability | Reliability of the source providing the intelligence data. | True |
Feed Expiration Policy | Feed Expiration Policy | False |
Feed Fetch Interval | Feed Fetch Interval | False |
Tags | Supports CSV values. | False |
Traffic Light Protocol Color | The Traffic Light Protocol (TLP) designation to apply to indicators fetched from the feed | False |
Bypass exclusion list | When selected, the exclusion list is ignored for indicators from this feed. This means that if an indicator from this feed is on the exclusion list, the indicator might still be added to the system. | False |

Commands
You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

luminar-get-indicators
Gets Luminar Indicators

Base Command
luminar-get-indicators

Input

Argument Name | Description | Required |
---|---|---|
limit | The maximum number of indicators to return. Default is 50. | Optional |

Context Output
There is no context output for this command.

Command example
!luminar-get-indicators limit="3"

Context Example

Human Readable Output
Indicators from Luminar

| Indicator Type | Indicator Value | Malware Family |
|---|---|---|
| File | a35866ff36a7ec0a226b8f814f3642185742020e | SlayerRAT v0.4 |
| Domain | xbodyyellow.top | Locky |
| | javamaker@inbox.ru | OilRig |

luminar-get-leaked-records
Gets Luminar Leaked Records

Base Command
luminar-get-leaked-records

Input

Argument Name | Description | Required |
---|---|---|
limit | The maximum number of leaked records to return. Default is 50. | Optional |

Context Output
There is no context output for this command.

Command example
!luminar-get-leaked-records limit="3"

Context Example

Human Readable Output
Leaked Credentials from Luminar

| Indicator Type | Indicator Value | Credentials |
|---|---|---|
| Account | a@a.com | ###### |
| Account | b@b.com | ###### |
| Account | c@c.com | ###### |

luminar-reset-fetch-indicators
WARNING: This command will reset your fetch history.

Base Command
luminar-reset-fetch-indicators

Input
There are no input arguments for this command.

Context Output
There is no context output for this command.

Command example
!luminar-reset-fetch-indicators

Human Readable Output
Fetch history deleted successfully