Lastline | Marketplace

Details
Content
Dependencies
Version History

Use the Lastline v2 integration to provide threat analysts and incident response teams with the advanced malware isolation and inspection environment needed to safely execute advanced malware samples, and understand their behavior.

Use the Lastline pack to provide threat analysts and incident response teams with the advanced malware isolation and inspection environment needed to safely execute advanced malware samples, and understand their behavior. You can use the pack's playbooks to detonate both files and URLs.

Integrations

Name	Description
Lastline v2	Use the Lastline v2 integration to provide threat analysts and incident response teams with the advanced malware isolation and inspection environment needed to safely execute advanced malware samples, and understand their behavior.

Playbooks

Name	Description
Detonate File - Lastline v2	Detonates a File using the Lastline sandbox. Lastline supports the following File Types: EXE, SYS, DLL, COM, SCR, CPL, OCX, CGI, DOC, DOTM, DOCX, DOTX, XLS, PPAM, XSLX, PPS, XLSB, PPSX, XLSM, PPSM, PPT, PPTX, PPTM, RTF, SHS, XLTM, SLDM, XLTX, SLDX, XLAM, THMX, DOCM, XAR, JTD, JTDC, PDF, SWF, GZ, 7Z, TGZ, MSI, ZIP, LZH, CAB, LZMA, APK, JAR, CLASS, JPEG, PNG, GIF, CMD, ACE, BAT, ARJ, VBS, CHM, XML, LNK, URL, MOF, HTM, OCX, HTML, POTM, EML, POTX, MSG, PS, \|VB, REG, VBA, WSC, VBE, WSF, VBS, WSH
Detonate URL - Lastline	Detonates a URL using the Lastline sandbox integration.
Detonate File - Lastline	Detonates a File using the Lastline sandbox. Lastline supports the following File Types: EXE, SYS, DLL, COM, SCR, CPL, OCX, CGI, DOC, DOTM, DOCX, DOTX, XLS, PPAM, XSLX, PPS, XLSB, PPSX, XLSM, PPSM, PPT, PPTX, PPTM, RTF, SHS, XLTM, SLDM, XLTX, SLDX, XLAM, THMX, DOCM, XAR, JTD, JTDC, PDF, SWF, GZ, 7Z, TGZ, MSI, ZIP, LZH, CAB, LZMA, APK, JAR, CLASS, JPEG, PNG, GIF, CMD, ACE, BAT, ARJ, VBS, CHM, XML, LNK, URL, MOF, HTM, OCX, HTML, POTM, EML, POTX, MSG, PS, \|VB, REG, VBA, WSC, VBE, WSF, VBS, WSH
Detonate URL - Lastline v2	Detonates a URL using the Lastline sandbox integration.

Integrations

Name	Description
Lastline v2	Use the Lastline v2 integration to provide threat analysts and incident response teams with the advanced malware isolation and inspection environment needed to safely execute advanced malware samples, and understand their behavior.

Playbooks

Name	Description
Detonate File - Lastline v2	Detonates a File using the Lastline sandbox. Lastline supports the following File Types: EXE, SYS, DLL, COM, SCR, CPL, OCX, CGI, DOC, DOTM, DOCX, DOTX, XLS, PPAM, XSLX, PPS, XLSB, PPSX, XLSM, PPSM, PPT, PPTX, PPTM, RTF, SHS, XLTM, SLDM, XLTX, SLDX, XLAM, THMX, DOCM, XAR, JTD, JTDC, PDF, SWF, GZ, 7Z, TGZ, MSI, ZIP, LZH, CAB, LZMA, APK, JAR, CLASS, JPEG, PNG, GIF, CMD, ACE, BAT, ARJ, VBS, CHM, XML, LNK, URL, MOF, HTM, OCX, HTML, POTM, EML, POTX, MSG, PS, \|VB, REG, VBA, WSC, VBE, WSF, VBS, WSH
Detonate URL - Lastline	Detonates a URL using the Lastline sandbox integration.
Detonate File - Lastline	Detonates a File using the Lastline sandbox. Lastline supports the following File Types: EXE, SYS, DLL, COM, SCR, CPL, OCX, CGI, DOC, DOTM, DOCX, DOTX, XLS, PPAM, XSLX, PPS, XLSB, PPSX, XLSM, PPSM, PPT, PPTX, PPTM, RTF, SHS, XLTM, SLDM, XLTX, SLDX, XLAM, THMX, DOCM, XAR, JTD, JTDC, PDF, SWF, GZ, 7Z, TGZ, MSI, ZIP, LZH, CAB, LZMA, APK, JAR, CLASS, JPEG, PNG, GIF, CMD, ACE, BAT, ARJ, VBS, CHM, XML, LNK, URL, MOF, HTM, OCX, HTML, POTM, EML, POTX, MSG, PS, \|VB, REG, VBA, WSC, VBE, WSF, VBS, WSH
Detonate URL - Lastline v2	Detonates a URL using the Lastline sandbox integration.

Required Content Packs (3)

Pack Name	Pack By
Common Playbooks	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Base	By: Cortex XSOAR

Optional Content Packs (0)

Pack Name	Pack By

All level dependencies (31)

Pack Name	Pack By
Rasterize	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Cisco Firepower	By: Cortex XSOAR
Sophos XG Firewall	By: Cortex XSOAR
Google Maps	By: Cortex XSOAR
F5 Silverline	By: Cortex XSOAR
MITRE ATT&CK	By: Cortex XSOAR
Zscaler Internet Access	By: Cortex XSOAR
CVE Search	By: Cortex XSOAR
Filters And Transformers	By: Cortex XSOAR
ThreatX	By: Cortex XSOAR
Cylance Protect	By: Cortex XSOAR
Image OCR	By: Cortex XSOAR
Rapid7 InsightVM	By: Cortex XSOAR
Slack	By: Cortex XSOAR
FortiGate	By: Cortex XSOAR
Cisco Secure Cloud Analytics (Stealthwatch Cloud)	By: Cortex XSOAR
PAN-OS by Palo Alto Networks	By: Cortex XSOAR
Remote Access	By: Cortex XSOAR
Active Directory Query	By: Cortex XSOAR
Cisco Umbrella Investigate	By: Cortex XSOAR
CrowdStrike Falcon Intelligence Sandbox	By: Cortex XSOAR
Signal Sciences WAF	By: Cortex XSOAR
Akamai WAF	By: Cortex XSOAR
Common Playbooks	By: Cortex XSOAR
Kenna	By: Cortex XSOAR
Cisco ASA	By: Cortex XSOAR
ARIAPacketIntelligence	By: ARIA Cybersecurity Solutions
VirusTotal - Private API (Deprecated)	By: VirusTotal
VulnDB	By: Cortex XSOAR
Check Point Firewall	By: Cortex XSOAR

PUBLISHER

Cortex

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	November 9, 2020
Last Release	November 23, 2022

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.