Recorded Future Attack Surface Intelligence
This Integration is part of the Recorded Future Attack Surface Intelligence Pack.

Supported versions
Supported Cortex XSOAR versions: 6.5.0 and later.

What does this pack do?
This pack enables security teams to:
- Access unified risk management from the most popular SOAR platform.
- Visualize the most critical risks within your organization
- Identify security incidents filtered by severity (critical, medium and low)
- See the full context of the incident, including CVE ID, name, description, and affected hostnames.

Configure RecordedFutureASI on Cortex XSOAR

Get your Project ID
- Log in to SecurityTrails SurfaceBrowser
- Go to the Projects page by clicking the Projects link in the top right
- Click on the Project that you want to use in XSOAR
- Copy the ID from the URL (looks like c1234567-c123-4123-9123-0123456789ab)

Get your API Key
- Log in to SecurityTrails SurfaceBrowser
- Click the username in the top right corner
- Click on Account
- Go to API > API Keys
- Create a new API key with a note that it is being used for the XSOAR Integration

Setting up the Integration
Navigate to Settings > Integrations > Servers & Services.
Search for RecordedFutureASI.
Click Add instance to create and configure a new integration instance.

Parameter | Required |
---|---|
API Key | True |
Project ID | True |
Fetch incidents | False |
Incidents Fetch Interval | False |
Incident type | False |
First fetch timestamp (<number> <time unit>, e.g., 12 hours, 7 days, 3 months, 1 year) | False |
Max Fetch | False |

Click Test to validate the token and connection.
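
A pre-flight check for the instance values listed above, as an added example that is not part of the pack or its documentation: it pulls the Project ID out of a pasted URL and resolves the First fetch timestamp to a UTC cutoff. The dictionary keys, the placeholder URL, and the 30/365-day approximation for months and years are assumptions.

```python
import re
from datetime import datetime, timedelta, timezone

# Shape of the Project ID shown on this page: c1234567-c123-4123-9123-0123456789ab
UUID_RE = re.compile(r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}", re.I)
# "<number> <time unit>", e.g. 12 hours, 7 days, 3 months, 1 year
FETCH_RE = re.compile(r"^\s*(\d+)\s+(hour|day|month|year)s?\s*$", re.I)
# Assumption: months and years are approximated as 30 and 365 days.
UNIT_HOURS = {"hour": 1, "day": 24, "month": 24 * 30, "year": 24 * 365}


def extract_project_id(pasted):
    """Return the lowercase Project ID from a bare ID or a pasted project URL."""
    found = UUID_RE.findall(pasted or "")
    if len(found) != 1:
        raise ValueError("expected exactly one Project ID, found %d" % len(found))
    return found[0].lower()


def first_fetch_cutoff(value, now=None):
    """Turn a First fetch timestamp value into an absolute UTC cutoff."""
    m = FETCH_RE.match(value or "")
    if not m:
        raise ValueError("expected '<number> <time unit>' such as '7 days', got %r" % value)
    now = now or datetime.now(timezone.utc)
    return now - timedelta(hours=int(m.group(1)) * UNIT_HOURS[m.group(2).lower()])


def check_instance(params):
    """List problems in params (hypothetical keys: api_key, project_id, first_fetch)."""
    problems = []
    if not (params.get("api_key") or "").strip():
        problems.append("API Key is required")
    try:
        extract_project_id(params.get("project_id"))
    except ValueError as exc:
        problems.append("Project ID: %s" % exc)
    if params.get("first_fetch"):  # optional parameter
        try:
            first_fetch_cutoff(params["first_fetch"])
        except ValueError as exc:
            problems.append("First fetch timestamp: %s" % exc)
    return problems


if __name__ == "__main__":  # constructed sample values; URL host and path are placeholders
    sample = {"api_key": "PLACEHOLDER", "first_fetch": "7 days",
              "project_id": "https://host.example.invalid/projects/c1234567-c123-4123-9123-0123456789ab"}
    print(check_instance(sample) or "instance values look well formed")
```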

Commands
You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

asi-project-issues-fetch
Fetches all the current or added issues.

Base Command
asi-project-issues-fetch

Input
Argument Name | Description | Required |
---|---|---|
issues_start | Timestamp to get added issues after | Optional |

Context Output
There is no context output for this command.