This playbook automatically enriches indicators (including IPs, URLs, domains; MD5, SHA-1, and SHA-256 file hashes). Playbook input: the indicators you want to enrich. Playbook output: detection engine results, positive detections, detection ratios; as well as severity, confidence, and threat scores.
- Version History
This pack is the integration of Demisto and CyberTotal. CyberTotal is a cloud-based threat intelligence service developed by CyCraft, which cohesively integrates multiple and varied CTI sources, open source intel, and proprietary threat intel to provide best-in-class threat intelligence. CyberTotal helps companies quickly identify and triage threats as well as verify security alerts through automated correlation analysis and knowledge base optimization.
CyCraft Technology Corporation.
|Created||September 23, 2020|
|Last Release||December 1, 2021|