Enrich McAfee DXL using 3rd party sandbox v2
Example of bridging DXL to a third party sandbox. Detonate a file in 3rd party sandbox and if malicious, push its MD5, SHA1 and SHA256 hashes to McAfee DXL.
Dependencies
This playbook uses the following sub-playbooks, integrations, and scripts.
Sub-playbooks
- Detonate File - Generic
Integrations
- McAfee DXL
Scripts
- Exists
Commands
- closeInvestigation
- dxl-send-event
Playbook Inputs
There are no inputs for this playbook.
Playbook Outputs
There are no outputs for this playbook.
Playbook Image
