
Group-IB Threat Intelligence & Attribution

Group-IB Threat Intelligence & Attribution is a system for analyzing and attributing cyberattacks, threat hunting, and protecting network infrastructure based on data relating to adversary tactics, tools, and activity. Use this pack to quickly receive incidents related to you, attribute them to adversaries for an instant response, enrich your security systems with an enormous IOC collection, and investigate manually using Group-IB data through the Cortex XSOAR interface.

Businesses in any sphere can face cybersecurity problems, from simple phishing to professional cybercriminals, so it is very important to respond to incidents quickly.

The Group-IB Threat Intelligence & Attribution Pack can help you manage your incidents and indicators from Group-IB within the SOAR system.

What does this pack do?

  • Receive incidents and attribute them to adversaries.
  • Enrich your security systems with IOCs.
  • Provide possibilities for manual investigation through Group-IB data via Cortex XSOAR interface.

As part of this pack, you will also get incident types, fields, and layouts; indicator types, fields, and layouts; and the classifier and mapper for properly delivering data to these types and fields. You will also get a playbook that enriches incidents coming from Group-IB with threat reports and threat actor information.

Incident Postprocessing - Group-IB Threat Intelligence & Attribution

PUBLISHER

Group-IB

INFO

Supported By: Partner
Created: May 13, 2021
Last Release: October 21, 2021
Hunting, Lost Or Stolen Device, Phishing, Threat Intelligence Management, Malware
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.