FireEye Common Fields
FireEye Common Fields gathers the content entities shared by the FireEye integrations.
Name | Description |
---|---|
FireEye Alert Vlan | |
FireEye C2 Channel | |
FireEye Alert Malicious | |
FireEye Signature Revision | |
FireEye Infection URL | |
FireEye Alert Infection ID | |
FireEye Matched Time | |
FireEye Malware Information | |
FireEye Submitted At | |
FireEye C2 Protocol | |
FireEye C2 Port | |
FireEye Email Queue ID | |
FireEye Domain Name | |
FireEye Email Source Domain | |
FireEye Match Count | |
FireEye Download At | |
FireEye Signature | |
FireEye Malware Info | |
FireEye C2 Host | |
FireEye Infection ID | |
FireEye C2 Address | |
FireEye Signature ID | |
Name | Description |
---|---|
FireEye NX IPS Alert - Incoming Mapper v2 | Maps FireEye NX IPS alerts. |
FireEye NX Alert - Incoming Mapper v2 | Maps FireEye NX alerts. |
FireEye EX - Incoming Mapper | Maps FireEye EX alerts. |
Pack Name | Pack By |
---|---|
Base | By: Cortex XSOAR |
Pack Name | Pack By |
---|---|
FireEye Network Security (NX) | By: Cortex XSOAR |
FireEye HX | By: Cortex XSOAR |
FireEye Email Security (EX) | By: Cortex XSOAR |
PhishingAlerts | By: Cortex XSOAR |
Common Types | By: Cortex XSOAR |
Phishing | By: Cortex XSOAR |
Malware Core | By: Cortex XSOAR |
Incident Fields
- FireEye C2 Protocol
- FireEye Domain Name
Incident Fields
- FireEye Signature
Incident Fields
FireEye C2 Port
- Maintenance and stability enhancements.
Mappers
FireEye EX - Incoming Mapper
- Added mapping for Phishing Alerts incident type.
Incident Fields
- FireEye Malware Information
INFO
Certification | Certified |
Supported By | Cortex |
Created | June 11, 2021 |
Last Release | May 2, 2023 |