Accenture CTI v2
This pack has 2 sub-packs/integrations, namely:
- ACTI Indicator Query
- ACTI Vulnerability Query
This pack automates the detection of threats and the triage/investigation of incidents by importing Accenture CTI (ACTI) data and intelligence reports into the XSOAR platform. The incident-enrichment functionality not only alleviates tedious research tasks traditionally performed by analysts, but also automatically folds ACTI intelligence reports associated with a given incident into the incident. The result is a complete picture of what ACTI knows about any given threat the moment the analyst opens the XSOAR incident.
What to expect from the Accenture Cyber Threat Intelligence (Accenture CTI v2) pack?
- A playbook that automatically queries Accenture's IntelGraph API to pull context for IOCs and their associated intelligence reports into XSOAR incidents.
- Reputation commands to query for network-level indicators (IP, Domain, and URL).
- A command to query for ACTI intelligence reports.
- A command to query the ACTI Vulnerability database.
- The pack also includes 6 additional playbooks that enable users to conduct ad hoc queries and sub-playbooks that enable users to pull ACTI data into either XSOAR's generic playbooks or playbooks from other vendors.