CyberTotal | Marketplace

Details
Content
Dependencies
Version History

This pack is the integration of Demisto and CyberTotal. CyberTotal is a cloud-based threat intelligence service developed by CyCraft, which cohesively integrates multiple and varied CTI sources, open source intel, and proprietary threat intel to provide best-in-class threat intelligence. CyberTotal helps companies quickly identify and triage threats as well as verify security alerts through automated correlation analysis and knowledge base optimization.

Integrations

Name	Description
CyberTotal (Partner Contribution)	CyberTotal is a cloud-based threat intelligence service developed by CyCraft.

Playbooks

Name	Description
CyberTotal Auto Enrichment - CyCraft	This playbook automatically enriches indicators (including IPs, URLs, domains; MD5, SHA-1, and SHA-256 file hashes). Playbook input: the indicators you want to enrich. Playbook output: detection engine results, positive detections, detection ratios; as well as severity, confidence, and threat scores.
CyberTotal Whois - CyCraft	This playbook is used to automatically retrieve Whois information regarding IPs, URLs and domains. Playbook input: IPs, URLs, domains. Playbook output: Whois lookup information.

Integrations

Name	Description
CyberTotal (Partner Contribution)	CyberTotal is a cloud-based threat intelligence service developed by CyCraft.

Playbooks

Name	Description
CyberTotal Auto Enrichment - CyCraft	This playbook automatically enriches indicators (including IPs, URLs, domains; MD5, SHA-1, and SHA-256 file hashes). Playbook input: the indicators you want to enrich. Playbook output: detection engine results, positive detections, detection ratios; as well as severity, confidence, and threat scores.
CyberTotal Whois - CyCraft	This playbook is used to automatically retrieve Whois information regarding IPs, URLs and domains. Playbook input: IPs, URLs, domains. Playbook output: Whois lookup information.

Required Content Packs (2)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

All level dependencies (3)

Pack Name	Pack By
Cortex REST API	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Base	By: Cortex XSOAR

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Partner
Created	September 23, 2020
Last Release	September 19, 2024

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.