InvestigationDetailedSummaryParse
This script is part of the Malware Investigation and Response Pack.
Supported versions
Supported Cortex XSOAR versions: 6.2.0 and later.
This script parses attacks from context and shows them according to the MITRE technique they use. The MITRE ATT&CK v2 pack (v1.1.0 or newer) is required for this automation to run properly.
Script Data
| Name | Description |
|---|---|
| Script Type | python3 |
| Tags | basescript |
| Cortex XSOAR Version | 6.2.0 |
Inputs
There are no inputs for this script.
Outputs
| Path | Description | Type |
|---|---|---|
| InvestigationDetailedSummary.Execution.Command and Scripting Interpreter | Whether the Command and Scripting Interpreter technique was detected. | bool |
| InvestigationDetailedSummary.Privilege Escalation.Boot or Logon Autostart Execution | Whether the Boot or Logon Autostart Execution technique was detected. | bool |
| InvestigationDetailedSummary.Lateral Movement.Command and Scripting Interpreter | Whether the Indicator Removal on Host technique was detected. | bool |
| InvestigationDetailedSummary.Defense Evasion.Remote Services | Whether the Remote Services technique was detected. | bool |
| InvestigationDetailedSummary.Persistence.Boot or Logon Autostart Execution | Whether the Boot or Logon Autostart Execution technique was detected. | bool |