Recorded Future Attack Surface Intelligence

Details
Content
Dependencies
Version History

Helps you take risk prioritization to the next level by helping you identify the biggest weaknesses within your attack surface.

This pack enables security teams to:

Access a unified risk management from the most popular SOAR platform
Visualize to the most critical risks within your organization
Identify security incidents filtered by severity (critical, medium and low)
See the full context of the incident, including CVE id, name, description, and affected hostnames
Sync XSOAR incidents with Risk Rules in SecurityTrails Attack Surface Intelligence

Available Actions

Attack Surface Intelligence Risk actions
- Get the current issues for a project
- Get issues added to a project after a certain timestamp

This pack enables security teams to:

Access a unified risk management from the most popular SOAR platform
Visualize to the most critical risks within your organization
Identify security incidents filtered by severity (critical, medium and low)
See the full context of the incident, including CVE id, name, description, and affected hostnames
Sync XSOAR incidents with Risk Rules in SecurityTrails Attack Surface Intelligence

Available Actions

Attack Surface Intelligence Risk actions
- Get the current issues for a project
- Get issues added to a project after a certain timestamp

Classifiers

Name	Description
Recorded Future ASI - Incoming Mapper	Maps incoming Recorded Future ASI Risk Alerts

Incident Fields

Name	Description
Recorded Future Attack Surface Intelligence Triggered Rules	Triggered rules for an Incident created by Recorded Future Attack Surface Intelligence
Recorded Future Attack Surface Intelligence Affected Hosts	Example hosts seen triggering the ASI Risk Rule
Recorded Future Attack Surface Intelligence Attack Surface Rule	The name of the rule seen by Recorded Future Attack Surface Intelligence

Incident Types

Name	Description
Recorded Future ASI Alert

Integrations

Name	Description
Recorded Future Attack Surface Intelligence (Partner Contribution)	Attack Surface Intelligence Risk Rules help security teams take risk and vulnerability prioritization to the next level by helping organizations identify the biggest weaknesses within their attack surface in mere seconds.

Layouts

Name	Description
RecordedFutureASILayout	Custom layout for Recorded Future Attack Surface Intelligence Incident type

Classifiers

Name	Description
Recorded Future ASI - Incoming Mapper	Maps incoming Recorded Future ASI Risk Alerts

Incident Fields

Name	Description
Recorded Future Attack Surface Intelligence Triggered Rules	Triggered rules for an Incident created by Recorded Future Attack Surface Intelligence
Recorded Future Attack Surface Intelligence Attack Surface Rule	The name of the rule seen by Recorded Future Attack Surface Intelligence
Recorded Future Attack Surface Intelligence Affected Hosts	Example hosts seen triggering the ASI Risk Rule

Incident Types

Name	Description
Recorded Future ASI Alert

Integrations

Name	Description
Recorded Future Attack Surface Intelligence (Partner Contribution)	Attack Surface Intelligence Risk Rules help security teams take risk and vulnerability prioritization to the next level by helping organizations identify the biggest weaknesses within their attack surface in mere seconds.

Required Content Packs (2)

Pack Name	Pack By
Base	By: Cortex XSOAR
Filters And Transformers	By: Cortex XSOAR

Optional Content Packs (1)

Pack Name	Pack By
Common Types	By: Cortex XSOAR

All level dependencies (2)

Pack Name	Pack By
Base	By: Cortex XSOAR
Filters And Transformers	By: Cortex XSOAR

2.0.15 - 938811 (April 7, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.14.91134.

Related pull requests:
- 33675

Download

2.0.14 - 839519 (February 20, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.87159.

Related pull requests:
- 33007

Download

2.0.13 - 798475 (February 1, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.86272.

Related pull requests:
- 32533

Download

2.0.12 - 762016 (January 14, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.84405.

Related pull requests:
- 32183

Download

2.0.11 - 722180 (December 28, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.83255.

Related pull requests:
- 31828

Download

2.0.10 - 6864790 (November 12, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Added the API key integration parameter to support credentials fetching object.
Updated the Docker image to: demisto/python3:3.10.13.80014.

Related pull requests:
- 30780
- 30474

Download

2.0.9 - R6592021 (October 13, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.72123.

Related pull requests:
- 29456

Download

2.0.8 - 6117817 (August 22, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.68714.

Related pull requests:
- 29103

Download

2.0.7 - 5976562 (August 7, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.67728.

Related pull requests:
- 28805

Download

2.0.6 - R5866730 (July 25, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.65389.

Related pull requests:
- 28387

Download

2.0.5 - R5801668 (July 18, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27820

Download

2.0.4 - 5546375 (June 16, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.62631.

Related pull requests:
- 27334

Download

2.0.3 - 5363095 (May 25, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.11.61265.

Related pull requests:
- 26993

Download

2.0.2 - 5235737 (May 10, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Fixed the parsing of the flag to expand issues grouped by host

Related pull requests:
- 26420
- 26430

Download

2.0.1 - 5226855 (May 9, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Fixed a library incompatibility by downgrading the Docker image to: demisto/python3:3.10.6.33415.

Related pull requests:
- 26405

Download

2.0.0 - 5218044 (May 8, 2023)

Incident Fields

New: Recorded Future Attack Surface Intelligence Triggered Rules
New: Recorded Future Attack Surface Intelligence Attack Surface Rule
New: Recorded Future Attack Surface Intelligence Affected Hosts

Incident Types

Recorded Future ASI Alert

Integrations

Recorded Future Attack Surface Intelligence

User can configure minimum severity
Incident limit exceedance warning
User configurable history groupings
- By Issue
- By Host
- By Host & By Issue
Updated the Docker image to: demisto/python3:3.10.11.57293.

Layouts

RecordedFutureASILayout
New section for Affected Hosts
New section for all rules in an issue
Source hostname is shown when applicable
Risk rule is shown when applicable

Mappers

New: Recorded Future ASI - Incoming Mapper

(Available from Cortex XSOAR 6.8.0).

Related pull requests:
- 26389
- 26124

Download

1.0.2 - R5170573 (May 2, 2023)

Layouts

RecordedFutureASILayout
This item is no longer supported in XSIAM.

Related pull requests:
- 24223

Download

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Partner
Created	August 31, 2022
Last Release	April 7, 2024

WORKS WITH THE FOLLOWING INTEGRATIONS:

Recorded Future Attack Surface Intelligence

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.