FireEye Central Management

Details
Content
Dependencies
Version History

FireEye Central Management (CM Series) is the FireEye threat intelligence hub. It services the FireEye ecosystem, ensuring that FireEye products share the latest intelligence and correlate across attack vectors to detect and prevent cyber attacks

What does this pack do?

Searches and retrieves FireEye Central Management alerts.
Searches and retrieves the details of a single alert.
Acknowledges that a specified alert was reviewed.
Downloads malware artifacts data for a specified UUID as a zip file.
Gets artifacts metadata for a specified UUID.
Retrieves information about existing IPS NX events. An IPS enabled appliance is a prerequisite to be able to retrieve IPS event data.
Searches, retrieves, releases, and deletes quarantined emails.
Returns reports on selected alerts.

What does this pack do?

Searches and retrieves FireEye Central Management alerts.
Searches and retrieves the details of a single alert.
Acknowledges that a specified alert was reviewed.
Downloads malware artifacts data for a specified UUID as a zip file.
Gets artifacts metadata for a specified UUID.
Retrieves information about existing IPS NX events. An IPS enabled appliance is a prerequisite to be able to retrieve IPS event data.
Searches, retrieves, releases, and deletes quarantined emails.
Returns reports on selected alerts.

Classifiers

Name	Description
FireEye Central Management - Classifier	Classifies FireEye Alerts.

Integrations

Name	Description
FireEye Central Management	FireEye Central Management (CM Series) is the FireEye threat intelligence hub. It services the FireEye ecosystem, ensuring that FireEye products share the latest intelligence and correlate across attack vectors to detect and prevent cyber attacks.

Classifiers

Name	Description
FireEye Central Management - Classifier	Classifies FireEye Alerts.

Integrations

Name	Description
FireEye Central Management	FireEye Central Management (CM Series) is the FireEye threat intelligence hub. It services the FireEye ecosystem, ensuring that FireEye products share the latest intelligence and correlate across attack vectors to detect and prevent cyber attacks.

Required Content Packs (4)

Pack Name	Pack By
Base	By: Cortex XSOAR
FireEye Common Fields	By: Cortex XSOAR
FireEye Email Security (EX)	By: Cortex XSOAR
FireEye Network Security (NX)	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

All level dependencies (7)

Pack Name	Pack By
Common Scripts	By: Cortex XSOAR
Filters And Transformers	By: Cortex XSOAR
FireEye Common Fields	By: Cortex XSOAR
FireEye Email Security (EX)	By: Cortex XSOAR
FireEye Network Security (NX)	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR
Base	By: Cortex XSOAR

1.1.24 - 1384438 (September 15, 2024)

Integrations

FireEye Central Management

Fixed an issue where the fetch-incident command failed when the info_level parameter was not provided.
Updated the Docker image to: demisto/python3:3.11.9.110419.

Related pull requests:
- 36192

Download

1.1.23 - 6899385 (November 15, 2023)

Integrations

FireEye Central Management

Added the timeout argument to fireeye-cm-get-alerts command.
Updated the Docker image to: demisto/python3:3.10.13.80014.

Related pull requests:
- 30881

Download

1.1.22 - 6429983 (September 26, 2023)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.10.13.74666.

Related pull requests:
- 29798
- 29701
- 29719
- 29688
- 29702
- 29506
- 29790
- 29793
- 29757
- 29788
- 29785
- 29684
- 29705

Download

1.1.21 - R6303396 (September 12, 2023)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27954

Download

1.1.20 - 5692327 (July 5, 2023)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27936

Download

1.1.19 - R5170573 (May 2, 2023)

Integrations

FireEye Central Management

Note: Organized the the integrations' parameters by sections. Relevant for XSIAM and XSOAR 8.1 and above.

Related pull requests:
- 24999

Download

1.1.18 - R4718798 (March 1, 2023)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.10.8.37233.

Related pull requests:
- 22276

Download

1.1.17 - 3254147 (July 13, 2022)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.10.5.31928.

Related pull requests:
- 20022

Download

1.1.16 - 3157401 (June 26, 2022)

Integrations

FireEye Central Management

Removed excessive error traceback printing.

Related pull requests:
- 19511

Download

1.1.15 - 3100432 (June 16, 2022)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.10.4.30607.

Related pull requests:
- 19575

Download

1.1.14 - 2927997 (May 16, 2022)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.10.4.29342.

Download

1.1.13 - 2836953 (April 28, 2022)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.10.4.28442.

Download

1.1.12 - 2674843 (March 30, 2022)

Integrations

FireEye Central Management

Added type validations and other internal code improvements.

Download

1.1.11 - 2652642 (March 27, 2022)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.10.1.27636.

Download

1.1.10 - 2507216 (March 3, 2022)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.10.1.26972.

Download

1.1.9 - 2387690 (February 9, 2022)

Integrations

FireEye Central Management

Fixed an issue in the fetch incidents process where alerts were not fetched if they were created 48 hours or later than the last alert that was fetched
Improved Error handling.

Download

1.1.8 - 2369391 (February 6, 2022)

Integrations

FireEye Central Management

Fixed an issue where the authorization token was not cached properly.

Download

1.1.7 - 2303329 (January 25, 2022)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.10.1.25933.

Download

1.1.6 - 2201332 (January 4, 2022)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.9.9.25564.

Download

1.1.5 - R2146019 (December 21, 2021)

Integrations

FireEye Central Management

Fixed an issue where HTTP status code 206 was considered as an error.

Download

1.1.4 - R2009340 (November 25, 2021)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.9.8.24399.

Download

1.1.3 - 7640590 (September 16, 2021)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.9.7.24076.

Download

1.1.2 - 7465883 (September 5, 2021)

Integrations

FireEye Central Management

Updated the Docker image to: demisto/python3:3.9.6.24019.

Download

1.1.1 - 400461 (July 20, 2021)

Integrations

FireEye Central Management

Upgraded the Docker image to: demisto/python3:3.9.6.22912.

Download

1.1.0 - 390296 (June 28, 2021)

Integrations

FireEye Central Management

Internal code improvements.
Added the timeout argument to the fireeye-cm-get-alert-details command.
Fixed an issue where the fetch-incidents command was not fetching new alerts in some cases.

Download

1.0.0 - 390076 (June 11, 2021)

Download

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	June 11, 2021
Last Release	September 15, 2024

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.