
Unisys Stealth

This integration is part of the Unisys Stealth Pack.

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

This integration is intended to aid companies in integrating with the Stealth EcoAPI service. Using the included commands, security teams can dynamically trigger isolation of users or endpoints from the rest of the Stealth network.

Configure Unisys Stealth on Cortex XSOAR

  1. Navigate to Settings > Integrations > Servers & Services.

  2. Search for Unisys Stealth.

  3. Click Add instance to create and configure a new integration instance.

     | Parameter | Required |
     | --- | --- |
     | Stealth Eco API IP Address or Hostname | True |
     | Stealth Eco API Port | True |
     | Credentials | True |
     | Isolation Role ID | False |
     | Trust any certificate (unsecure) | False |
     | Use Proxy? | False |

  4. Click Test to validate the URLs, token, and connection.

Commands

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

stealth-isolate-machine

Isolates an endpoint from the Stealth network.

Base Command

stealth-isolate-machine

Input

| Argument Name | Description | Required |
| --- | --- | --- |
| endpoint | FQDN of machine to isolate. | Required |

Context Output

There is no context output for this command.

stealth-unisolate-machine

Un-isolates an endpoint from the Stealth network.

Base Command

stealth-unisolate-machine

Input

| Argument Name | Description | Required |
| --- | --- | --- |
| endpoint | FQDN of machine to isolate. | Required |

Context Output

There is no context output for this command.

stealth-get-stealth-roles

Retrieves roles from the Stealth network.

Base Command

stealth-get-stealth-roles

Input

There are no input arguments for this command.

Context Output

There is no context output for this command.

stealth-isolate-user

Isolates a user from the Stealth network.

Base Command

stealth-isolate-user

Input

| Argument Name | Description | Required |
| --- | --- | --- |
| user | Hostname of machine to isolate. | Optional |

Context Output

There is no context output for this command.

stealth-unisolate-user

Un-isolates a user from the Stealth network.

Base Command

stealth-unisolate-user

Input

| Argument Name | Description | Required |
| --- | --- | --- |
| user | Username to un-isolate. | Optional |

Context Output

There is no context output for this command.

stealth-isolate-machine-and-user

Isolates an endpoint and a user from the Stealth network.

Base Command

stealth-isolate-machine-and-user

Input

| Argument Name | Description | Required |
| --- | --- | --- |
| endpoint | FQDN of machine to isolate. | Optional |
| user | Username to isolate. | Optional |

Context Output

There is no context output for this command.

stealth-unisolate-machine-and-user

Un-isolates an endpoint and a user from the Stealth network.

Base Command

stealth-unisolate-machine-and-user

Input

| Argument Name | Description | Required |
| --- | --- | --- |
| endpoint | FQDN of machine to isolate. | Optional |
| user | Username to un-isolate. | Optional |

Context Output

There is no context output for this command.
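
The following is an added example, not part of the integration or its documentation. It shows one way an automation could choose among the isolate and un-isolate commands listed above and validate the inputs before anything is sent to Stealth. The function name `build_stealth_command`, the FQDN check, and the protected-host list are assumptions made for illustration.

```python
import re

# Hostname-style FQDN check: dot-separated labels, at least two labels.
_LABEL = r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)"
_FQDN_RE = re.compile(rf"^{_LABEL}(\.{_LABEL})+$")

# Constructed sample: hosts that must never be isolated automatically.
PROTECTED_ENDPOINTS = {"dc01.corp.example.com"}


def build_stealth_command(action, endpoint=None, user=None):
    """Return (command_name, args) for the Stealth command matching the inputs.

    action is "isolate" or "unisolate". Command and argument names are the
    ones in the command reference on this page; the checks are assumptions.
    """
    if action not in ("isolate", "unisolate"):
        raise ValueError(f"unknown action: {action!r}")
    endpoint = (endpoint or "").strip().rstrip(".")
    user = (user or "").strip()
    # The combined commands mark both arguments optional; require one here.
    if not endpoint and not user:
        raise ValueError("need an endpoint, a user, or both")

    args = {}
    if endpoint:
        if len(endpoint) > 253 or not _FQDN_RE.match(endpoint):
            raise ValueError(f"endpoint is not an FQDN: {endpoint!r}")
        # Guard rail: refuse to cut off hosts on the protected list.
        if action == "isolate" and endpoint.lower() in PROTECTED_ENDPOINTS:
            raise PermissionError(f"{endpoint} is protected from isolation")
        args["endpoint"] = endpoint
    if user:
        args["user"] = user

    # dict keys keep insertion order, so "endpoint" always precedes "user".
    target = {("endpoint",): "machine",
              ("user",): "user",
              ("endpoint", "user"): "machine-and-user"}[tuple(args)]
    return f"stealth-{action}-{target}", args
```

In a Cortex XSOAR automation, the returned pair can be passed to `demisto.executeCommand(command, args)`.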