CyrenThreatInDepthRandomHunt

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

This script picks a random indicator from a Cyren Threat InDepth feed, together with its relationships, and creates a threat hunting incident from it.

The internal indicator query that selects the indicator uses these main criteria:

  • Seen for the first time by the feed source within the last 7 days.
  • Not investigated yet.
  • Must have relationships to other indicators.
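
The selection described by the three criteria above, sketched as an added example (not the script's own code). The record field names `feed`, `first_seen_by_source`, `investigation_count` and `relationships` and both function names are hypothetical, and the sample records are constructed.

```python
import random
from datetime import datetime, timedelta, timezone

# Feed names come from the indicator_type argument documented on this page.
FEEDS = ("ip_reputation", "malware_files", "malware_urls", "phishing_urls")

def eligible(ind, feed, now, window_days=7):
    """Apply the three criteria to one indicator record (hypothetical field names)."""
    first_seen = datetime.fromisoformat(ind["first_seen_by_source"])
    return (
        ind["feed"] == feed
        and timedelta(0) <= now - first_seen <= timedelta(days=window_days)
        and ind["investigation_count"] == 0   # not investigated yet
        and len(ind["relationships"]) > 0     # must have related indicators
    )

def pick_hunt_candidate(indicators, indicator_type=None, now=None, rng=random):
    """Return one random eligible indicator, or None when the feed has none."""
    if indicator_type is not None and indicator_type not in FEEDS:
        raise ValueError(f"unknown indicator_type: {indicator_type}")
    feed = indicator_type or rng.choice(FEEDS)  # random feed when not provided
    now = now or datetime.now(timezone.utc)
    pool = [i for i in indicators if eligible(i, feed, now)]
    return rng.choice(pool) if pool else None

def record(value, feed, first_seen, investigations, relationships):
    """Build one constructed sample record."""
    return {"value": value, "feed": feed, "first_seen_by_source": first_seen,
            "investigation_count": investigations, "relationships": relationships}

# Constructed sample data (documentation-range values, not real feed content).
NOW = datetime(2024, 1, 10, tzinfo=timezone.utc)
REL = ["http://example.test/a"]
SAMPLE = [
    record("192.0.2.10", "ip_reputation", "2024-01-08T00:00:00+00:00", 0, REL),
    record("192.0.2.20", "ip_reputation", "2023-12-20T00:00:00+00:00", 0, REL),  # too old
    record("192.0.2.30", "ip_reputation", "2024-01-09T00:00:00+00:00", 1, REL),  # investigated
    record("192.0.2.40", "ip_reputation", "2024-01-09T00:00:00+00:00", 0, []),   # no relationships
    record("http://example.test/login", "phishing_urls",
           "2024-01-05T12:00:00+00:00", 0, ["192.0.2.10"]),
]

if __name__ == "__main__":
    print(pick_hunt_candidate(SAMPLE, "ip_reputation", now=NOW))
```

A `None` result means the chosen feed currently has no indicator that meets all three criteria, a case a caller has to handle before creating an incident.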

Script Data


| Name | Description |
| --- | --- |
| Script Type | python3 |
| Tags | incidents, ioc, cyren, hunt |
| XSOAR Version | 6.0.0 |

Inputs


| Argument Name | Description |
| --- | --- |
| indicator_type | Optional. One of ip_reputation, malware_files, malware_urls, phishing_urls; determines the Cyren Threat InDepth feed the indicator is taken from. If not provided, a random indicator type is chosen. |
| incident_type | Optional. If not provided, an incident of type "Hunt" is created. |

Outputs


There are no outputs for this script.

Human Readable Output


Successfully created incident Cyren Threat InDepth Threat Hunt. Click here to investigate: 1234.