Lastline | Marketplace

Details
Content
Dependencies
Version History

Use the Lastline v2 integration to provide threat analysts and incident response teams with the advanced malware isolation and inspection environment needed to safely execute advanced malware samples, and understand their behavior.

Use the Lastline pack to provide threat analysts and incident response teams with the advanced malware isolation and inspection environment needed to safely execute advanced malware samples, and understand their behavior. You can use the pack's playbooks to detonate both files and URLs.

Playbooks

Name	Description
Detonate URL - Lastline	Detonates a URL using the Lastline sandbox integration.
Detonate File - Lastline v2	Detonates a File using the Lastline sandbox. Lastline supports the following File Types: EXE, SYS, DLL, COM, SCR, CPL, OCX, CGI, DOC, DOTM, DOCX, DOTX, XLS, PPAM, XSLX, PPS, XLSB, PPSX, XLSM, PPSM, PPT, PPTX, PPTM, RTF, SHS, XLTM, SLDM, XLTX, SLDX, XLAM, THMX, DOCM, XAR, JTD, JTDC, PDF, SWF, GZ, 7Z, TGZ, MSI, ZIP, LZH, CAB, LZMA, APK, JAR, CLASS, JPEG, PNG, GIF, CMD, ACE, BAT, ARJ, VBS, CHM, XML, LNK, URL, MOF, HTM, OCX, HTML, POTM, EML, POTX, MSG, PS, \|VB, REG, VBA, WSC, VBE, WSF, VBS, WSH
Detonate URL - Lastline v2	Detonates a URL using the Lastline sandbox integration.
Detonate File - Lastline	Detonates a File using the Lastline sandbox. Lastline supports the following File Types: EXE, SYS, DLL, COM, SCR, CPL, OCX, CGI, DOC, DOTM, DOCX, DOTX, XLS, PPAM, XSLX, PPS, XLSB, PPSX, XLSM, PPSM, PPT, PPTX, PPTM, RTF, SHS, XLTM, SLDM, XLTX, SLDX, XLAM, THMX, DOCM, XAR, JTD, JTDC, PDF, SWF, GZ, 7Z, TGZ, MSI, ZIP, LZH, CAB, LZMA, APK, JAR, CLASS, JPEG, PNG, GIF, CMD, ACE, BAT, ARJ, VBS, CHM, XML, LNK, URL, MOF, HTM, OCX, HTML, POTM, EML, POTX, MSG, PS, \|VB, REG, VBA, WSC, VBE, WSF, VBS, WSH

Integrations

Name	Description
Lastline v2	Use the Lastline v2 integration to provide threat analysts and incident response teams with the advanced malware isolation and inspection environment needed to safely execute advanced malware samples, and understand their behavior.

Playbooks

Name	Description
Detonate URL - Lastline	Detonates a URL using the Lastline sandbox integration.
Detonate File - Lastline v2	Detonates a File using the Lastline sandbox. Lastline supports the following File Types: EXE, SYS, DLL, COM, SCR, CPL, OCX, CGI, DOC, DOTM, DOCX, DOTX, XLS, PPAM, XSLX, PPS, XLSB, PPSX, XLSM, PPSM, PPT, PPTX, PPTM, RTF, SHS, XLTM, SLDM, XLTX, SLDX, XLAM, THMX, DOCM, XAR, JTD, JTDC, PDF, SWF, GZ, 7Z, TGZ, MSI, ZIP, LZH, CAB, LZMA, APK, JAR, CLASS, JPEG, PNG, GIF, CMD, ACE, BAT, ARJ, VBS, CHM, XML, LNK, URL, MOF, HTM, OCX, HTML, POTM, EML, POTX, MSG, PS, \|VB, REG, VBA, WSC, VBE, WSF, VBS, WSH
Detonate URL - Lastline v2	Detonates a URL using the Lastline sandbox integration.
Detonate File - Lastline	Detonates a File using the Lastline sandbox. Lastline supports the following File Types: EXE, SYS, DLL, COM, SCR, CPL, OCX, CGI, DOC, DOTM, DOCX, DOTX, XLS, PPAM, XSLX, PPS, XLSB, PPSX, XLSM, PPSM, PPT, PPTX, PPTM, RTF, SHS, XLTM, SLDM, XLTX, SLDX, XLAM, THMX, DOCM, XAR, JTD, JTDC, PDF, SWF, GZ, 7Z, TGZ, MSI, ZIP, LZH, CAB, LZMA, APK, JAR, CLASS, JPEG, PNG, GIF, CMD, ACE, BAT, ARJ, VBS, CHM, XML, LNK, URL, MOF, HTM, OCX, HTML, POTM, EML, POTX, MSG, PS, \|VB, REG, VBA, WSC, VBE, WSF, VBS, WSH

Integrations

Name	Description
Lastline v2	Use the Lastline v2 integration to provide threat analysts and incident response teams with the advanced malware isolation and inspection environment needed to safely execute advanced malware samples, and understand their behavior.

Required Content Packs (11)

Pack Name	Pack By
CommonScripts	By: Cortex XSOAR
CommonPlaybooks	By: Cortex XSOAR
Base	By: Cortex XSOAR
DemistoRESTAPI	By: Cortex XSOAR
CommonTypes	By: Cortex XSOAR
CoreAlertFields	By: Cortex XSOAR
FiltersAndTransformers	By: Cortex XSOAR
rasterize	By: Cortex XSOAR
Core	By: Cortex XSOAR
Palo_Alto_Networks_WildFire	By: Cortex XSOAR
Active_Directory_Query	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

1.0.15 - 4085738 (November 23, 2022)

Integrations

Lastline v2

Updated the Docker image to: demisto/python3:3.10.8.37233.

Related pull requests:
- 22384

Download

1.0.14 - R3994332 (November 8, 2022)

Integrations

Lastline v2

Added support for the integrationReliability, feedExpirationPolicy and feedExpirationInterval integration parameters.
Updated the Docker image to: demisto/python3:3.10.5.31928.

Related pull requests:
- 20439

Download

1.0.13 - 2745974 (April 12, 2022)

Integrations

Lastline v2

Updated the Docker image to: demisto/python3:3.10.4.27798.
Fixed lint issues.

Download

1.0.12 - 2507216 (March 3, 2022)

Integrations

Lastline v2

Updated the Docker image to: demisto/python3:3.10.1.26972.
Enhanced the API Token and API Key integration parameters to support credentials fetching object.
Fixed an issue where the lastline-upload-file command failed for certain inputs.

Download

1.0.10 - 2411339 (February 14, 2022)

Integrations

Lastline v2

Fixed an issue where the lastline-upload-file command failed when given a CSV file.
Updated the Docker image to: demisto/python3:3.10.1.25933.

Download

1.0.9 - R2146019 (December 21, 2021)

Integrations

Lastline v2

Updated the Docker image to: demisto/python3:3.9.8.24399.

Download

1.0.8 - 7561139 (September 12, 2021)

Integrations

Lastline v2

Updated the Docker image to: demisto/python3:3.9.7.24076.

Download

1.0.7 - 383163 (June 10, 2021)

Integrations

Lastline v2

Upgraded the Docker image to: demisto/python3:3.9.5.21272.

Download

1.0.6 - 369103 (May 27, 2021)

Integrations

Lastline v2

Upgraded the Docker image to: demisto/python3:3.9.5.20070.

Download

1.0.5 - R264879 (January 27, 2021)

Integrations

Lastline v2

Fixed an issue where the threshold integration parameter was not used correctly.
Upgraded the Docker image to demisto/python3:3.9.1.14969.

Download

1.0.4 - R253472 (January 16, 2021)

Integrations

Lastline v2

Fixed an issue where the test-module failed in case no email and username were entered.
Upgraded the Docker image to demisto/python3:3.8.6.14516.
Improved the test-module to check for username and password.

Download

1.0.3 - R228403 (December 21, 2020)

Integrations

Lastline v2

Added support for account-based authentication.
Upgraded the Docker image to demisto/python3:3.8.6.13358.

Download

1.0.2 - R180529 (November 9, 2020)

Download

PUBLISHER

Cortex

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	November 9, 2020
Last Release	November 23, 2022

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.