Skip to main content

Attivo Botsink

Download With Dependencies

Network-based Threat Deception for Post-Compromise Threat Detection.

Note: Support for this pack moved to the partner on Jan 24, 2022. Please contact the partner directly via the support link on the right.

Attivo Networks® provides an innovative defense for protection against identity compromise, privilege escalation, and lateral movement attacks. The company’s solutions deliver unprecedented visibility, prevention, and derailment for security exposures, attack paths, and attack escalation activities across endpoints, Active Directory, and cloud environments.

What does this pack do?

The integration commands in this content pack will allow you to:

  • Pull new detection events into the XSOAR platform
  • Query the Attivo platform for information on whether a given indicator relates to a deceptive or production asset
  • Deploy new deceptive elements in your production environment

Note: Support for this pack moved to the partner on Jan 24, 2022. Please contact the partner directly via the support link on the right.

Attivo Networks® provides an innovative defense for protection against identity compromise, privilege escalation, and lateral movement attacks. The company’s solutions deliver unprecedented visibility, prevention, and derailment for security exposures, attack paths, and attack escalation activities across endpoints, Active Directory, and cloud environments.

What does this pack do?

The integration commands in this content pack will allow you to:

  • Pull new detection events into the XSOAR platform
  • Query the Attivo platform for information on whether a given indicator relates to a deceptive or production asset
  • Deploy new deceptive elements in your production environment

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByPartner
CreatedNovember 9, 2020
Last ReleaseDecember 4, 2024
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.