Securonix Investigate has a robust set of configured integrations enabled for the user which return up-to-date threat intelligence results. This helps SOC analysts and threat hunters detect security threats and discard false positives without compromising on thoroughness and speed.

The Securonix Investigate AbuseIPDB integration supports enrichment of IP addresses in IPv4 and IPv6 format.

Securonix Investigate’s AlienVault OTX integration allows Securonix Investigate to search AlienVault OTX's open source API to return pulse and passive DNS information on hashes, IPs and domains.

The Analyst1 integration allows Securonix Investigate to quickly identify indicators and CVEs associated with actors, malware, and MITRE ATT&CK from the Analyst1 platform.

Securonix Investigate’s Andariel Botnet/RDP integration allows indicator searches across the Advanced Intelligence breach records dataset.

Securonix Investigate’s ADVINTEL Andariel IOC integration allows you to search across the Andariel IOC API for various indicator types.

This integration queries various indicator types against the Andariel Threat Intel Report (TIR) archive.

Securonix Investigate's APIVoid integration retrieves reputation information for IP addresses and domains. The integration reports if the indicator in question is present in any of the block lists tracked by the APIVoid IP and Domain reputation services.

Securonix Investigate's Area Code lookup integration displays state-level location information for area codes in US phone numbers.

Securonix Investigate’s ARIN integration allows Securonix Investigate to search the American Registry of Internet Numbers database to return information about IP addresses.

Securonix Investigate’s AttackerKB integration allows CVEs on the analyst screen to be queried against the "Topic" API.

Securonix Investigate’s Axonius integration allows Securonix Investigate to search the Axonius API to return event information on internal users and assets. The integration supports device lookups by preferred IP address, domain, and a custom hostname type. In addition, user lookups are supported via e-mail address.

Securonix Investigate’s Azure ADFS Error Codes integration gives analysts information on what an error code means and how to resolve the error.

Securonix Investigate’s BinaryEdge integration allows for enrichment of IPs, domains, and e-mail addresses. Free accounts are limited to 250 queries per month. If you are using a free account, we highly recommend running this integration as On-Demand Only.

Securonix Investigate’s Carbon Black integration allows Securonix Investigate to search your Carbon Black EDR (Endpoint Detection and Response) for MD5 and SHA256 hashes in real time.

Securonix Investigate’s Censys integration allows you to quickly perform research against the Censys "hosts" API endpoint. It fetches the entire host entity by IP address and returns the most recent Censys view of the host and its services.

Securonix Investigate’s Chronicle Backstory integration allows automated queries to the Events, Assets, and IOC Details endpoints in Chronicle Backstory's API from the Securonix Investigate overlay window.

Securonix Investigate's DHS CISA Known Exploited Vulnerabilities integration returns information on vulnerabilities (CVEs) that have been identified by CISA.

Securonix Investigate’s Cisco Threat Response integration allows Securonix Investigate to search the Threat Response Enrich API to return information about various indicator types.

Securonix Investigate’s Cisco Umbrella integration provides categorization information for domains. It will report whether a domain is uncategorized, malicious or benign and includes content and security category details.

Securonix Investigate's Cofense Intelligence™ integration allows Securonix Investigate to quickly identify malicious file hashes contained within the Cofense Intelligence™ platform.

Securonix Investigate’s Confluence integration allows Securonix Investigate to search Confluence to return any Space, Attachment, Page, or Blog that is contained in Confluence.