InvestigationSummaryParse
This script is part of the Malware Investigation and Response Pack.
Supported versions
Supported Cortex XSOAR versions: 6.2.0 and later.
Retrieves information from previously run reputation commands and aggregates their results.
Script Data
| Name | Description |
|---|---|
| Script Type | python3 |
| Cortex XSOAR Version | 6.2.0 |
Inputs
There are no inputs for this script.
Outputs
| Path | Description | Type |
|---|---|---|
| InvestigationSummary.EvidenceOfPersistence.Tactic | The tactic associated with the evidence of persistence finding. | String |
| InvestigationSummary.EvidenceOfPersistence.Result | The result of the evidence of persistence finding. | String |
| InvestigationSummary.EvidenceOfPersistence.Sources | The sources by which the evidence of persistence value was set. | String |
| InvestigationSummary.EvidenceOfDefenseEvasion.Tactic | The tactic associated with the evidence of defense evasion finding. | String |
| InvestigationSummary.EvidenceOfDefenseEvasion.Result | The result of the evidence of defense evasion finding. | String |
| InvestigationSummary.EvidenceOfDefenseEvasion.Sources | The sources by which the evidence of defense evasion value was set. | String |
| InvestigationSummary.EvidenceOfExecution.Tactic | The tactic associated with the evidence of execution finding. | String |
| InvestigationSummary.EvidenceOfExecution.Result | The result of the evidence of execution finding. | String |
| InvestigationSummary.EvidenceOfExecution.Sources | The sources by which the evidence of execution value was set. | String |
| InvestigationSummary.EvidenceOfLateralMovement.Tactic | The tactic associated with the evidence of lateral movement finding. | String |
| InvestigationSummary.EvidenceOfLateralMovement.Result | The result of the evidence of lateral movement finding. | String |
| InvestigationSummary.EvidenceOfLateralMovement.Sources | The sources by which the evidence of lateral movement value was set. | String |
| InvestigationSummary.EvidenceOfPrivilegeEscalation.Tactic | The tactic associated with the evidence of privilege escalation finding. | String |
| InvestigationSummary.EvidenceOfPrivilegeEscalation.Result | The result of the evidence of privilege escalation finding. | String |
| InvestigationSummary.EvidenceOfPrivilegeEscalation.Sources | The sources by which the evidence of privilege escalation value was set. | String |
| InvestigationSummary.EvidenceOfCommandAndControl.Tactic | The tactic associated with the evidence of command and control finding. | String |
| InvestigationSummary.EvidenceOfCommandAndControl.Result | The result of the evidence of command and control finding. | String |
| InvestigationSummary.EvidenceOfCommandAndControl.Sources | The sources by which the evidence of command and control value was set. | String |