Skip to main content

Enrich McAfee DXL using 3rd party sandbox v2

Example of bridging DXL to a third party sandbox. Detonate a file in 3rd party sandbox and if malicious, push its MD5, SHA1 and SHA256 hashes to McAfee DXL.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

Detonate File - Generic

Integrations#

McAfee DXL

Scripts#

Exists

Commands#

closeInvestigation
dxl-send-event

Playbook Inputs#

There are no inputs for this playbook.

Playbook Outputs#

There are no outputs for this playbook.

Report an Issue

Dependencies
Playbook Inputs
Playbook Outputs