Recorded Future Attack Surface Intelligence

Details
Content
Dependencies
Version History

Helps you take risk prioritization to the next level by helping you identify the biggest weaknesses within your attack surface.

This pack enables security teams to

Access a unified risk management from the most popular SOAR platform
Visualize to the most critical risks within your organization
Identify security incidents filtered by severity (critical, medium and low)
See the full context of the incident, including CVE id, name, description, and affected hostnames
Sync XSOAR incidents with Risk Rules in SecurityTrails Attack Surface Intelligence

Available Actions

Attack Surface Intelligence Risk actions
- Get the current issues for a project
- Get issues added to a project after a certain timestamp

This pack enables security teams to

Access a unified risk management from the most popular SOAR platform
Visualize to the most critical risks within your organization
Identify security incidents filtered by severity (critical, medium and low)
See the full context of the incident, including CVE id, name, description, and affected hostnames
Sync XSOAR incidents with Risk Rules in SecurityTrails Attack Surface Intelligence

Available Actions

Attack Surface Intelligence Risk actions
- Get the current issues for a project
- Get issues added to a project after a certain timestamp

Classifiers

Name	Description
Recorded Future ASI - Incoming Mapper	Maps incoming Recorded Future ASI Risk Alerts

Incident Fields

Name	Description
Recorded Future Attack Surface Intelligence Triggered Rules	Triggered rules for an Incident created by Recorded Future Attack Surface Intelligence
Recorded Future Attack Surface Intelligence Attack Surface Rule	The name of the rule seen by Recorded Future Attack Surface Intelligence
Recorded Future Attack Surface Intelligence Affected Hosts	Example hosts seen triggering the ASI Risk Rule

Incident Types

Name	Description
Recorded Future ASI Alert

Integrations

Name	Description
Recorded Future Attack Surface Intelligence (Partner Contribution)	Attack Surface Intelligence Risk Rules help security teams take risk and vulnerability prioritization to the next level by helping organizations identify the biggest weaknesses within their attack surface in mere seconds.

Layouts

Name	Description
RecordedFutureASILayout	Custom layout for Recorded Future Attack Surface Intelligence Incident type

Classifiers

Name	Description
Recorded Future ASI - Incoming Mapper	Maps incoming Recorded Future ASI Risk Alerts

Incident Fields

Name	Description
Recorded Future Attack Surface Intelligence Affected Hosts	Example hosts seen triggering the ASI Risk Rule
Recorded Future Attack Surface Intelligence Attack Surface Rule	The name of the rule seen by Recorded Future Attack Surface Intelligence
Recorded Future Attack Surface Intelligence Triggered Rules	Triggered rules for an Incident created by Recorded Future Attack Surface Intelligence

Incident Types

Name	Description
Recorded Future ASI Alert

Integrations

Name	Description
Recorded Future Attack Surface Intelligence (Partner Contribution)	Attack Surface Intelligence Risk Rules help security teams take risk and vulnerability prioritization to the next level by helping organizations identify the biggest weaknesses within their attack surface in mere seconds.

Required Content Packs (2)

Pack Name	Pack By
Base	By: Cortex XSOAR
Filters And Transformers	By: Cortex XSOAR

Optional Content Packs (1)

Pack Name	Pack By
Common Types	By: Cortex XSOAR

All level dependencies (3)

Pack Name	Pack By
Aggregated Scripts	By: Cortex XSOAR
Filters And Transformers	By: Cortex XSOAR
Base	By: Cortex XSOAR

2.0.21 - 7843807 (March 22, 2026)

Documentation and metadata improvements.

Related pull requests:
- 43568

Download

2.0.20 - 5636304 (October 29, 2025)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 41629

Download

2.0.19 - R5469292 (October 20, 2025)

Integrations

Recorded Future Attack Surface Intelligence

Updated the RecordedFutureASI integration to be more resilient to transient server-side errors. It will now automatically retry requests that fail with 502, 503, or 504 status codes.
Updated the Docker image to: demisto/python3:3.12.11.4284848.

Related pull requests:
- 40740

Download

2.0.18 - R3980324 (June 26, 2025)

Integrations

Recorded Future Attack Surface Intelligence

Metadata and documentation improvements.

Related pull requests:
- 39131

Download

2.0.17 - R2989425 (March 26, 2025)

Integrations

Recorded Future Attack Surface Intelligence

Code functionality improvements.
Updated the Docker image to: demisto/python3:3.11.10.116949.

Related pull requests:
- 37472

Download

2.0.16 - 1748140 (December 4, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37528
- 37524
- 37525
- 37526
- 37527

Download

2.0.15 - R1709192 (November 26, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.14.91134.

Related pull requests:
- 33675

Download

2.0.14 - 839519 (February 20, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.87159.

Related pull requests:
- 33007

Download

2.0.13 - 798475 (February 1, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.86272.

Related pull requests:
- 32533

Download

2.0.12 - 762016 (January 14, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.84405.

Related pull requests:
- 32183

Download

2.0.11 - 722180 (December 28, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.83255.

Related pull requests:
- 31828

Download

2.0.10 - 6864790 (November 12, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Added the API key integration parameter to support credentials fetching object.
Updated the Docker image to: demisto/python3:3.10.13.80014.

Related pull requests:
- 30780
- 30474

Download

2.0.9 - R6592021 (October 13, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.72123.

Related pull requests:
- 29456

Download

2.0.8 - 6117817 (August 22, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.68714.

Related pull requests:
- 29103

Download

2.0.7 - 5976562 (August 7, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.67728.

Related pull requests:
- 28805

Download

2.0.6 - R5866730 (July 25, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.65389.

Related pull requests:
- 28387

Download

2.0.5 - R5801668 (July 18, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27820

Download

2.0.4 - 5546375 (June 16, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.62631.

Related pull requests:
- 27334

Download

2.0.3 - 5363095 (May 25, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.11.61265.

Related pull requests:
- 26993

Download

2.0.2 - 5235737 (May 10, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Fixed the parsing of the flag to expand issues grouped by host

Related pull requests:
- 26420
- 26430

Download

2.0.1 - 5226855 (May 9, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Fixed a library incompatibility by downgrading the Docker image to: demisto/python3:3.10.6.33415.

Related pull requests:
- 26405

Download

2.0.0 - 5218044 (May 8, 2023)

Incident Fields

New: Recorded Future Attack Surface Intelligence Triggered Rules
New: Recorded Future Attack Surface Intelligence Attack Surface Rule
New: Recorded Future Attack Surface Intelligence Affected Hosts

Incident Types

Recorded Future ASI Alert

Integrations

Recorded Future Attack Surface Intelligence

User can configure minimum severity
Incident limit exceedance warning
User configurable history groupings
- By Issue
- By Host
- By Host & By Issue
Updated the Docker image to: demisto/python3:3.10.11.57293.

Layouts

RecordedFutureASILayout
New section for Affected Hosts
New section for all rules in an issue
Source hostname is shown when applicable
Risk rule is shown when applicable

Mappers

New: Recorded Future ASI - Incoming Mapper

(Available from Cortex XSOAR 6.8.0).

Related pull requests:
- 26389
- 26124

Download

1.0.2 - R5170573 (May 2, 2023)

Layouts

RecordedFutureASILayout
This item is no longer supported in XSIAM.

Related pull requests:
- 24223

Download

2.0.21 - 7850318 (March 23, 2026)

Documentation and metadata improvements.

Related pull requests:
- 43568

Download

2.0.20 - 5636304 (October 29, 2025)

Changes are not relevant for XSIAM marketplace.

Related pull requests:
- 41629

Download

2.0.19 - R5469292 (October 20, 2025)

Integrations

Recorded Future Attack Surface Intelligence

Updated the RecordedFutureASI integration to be more resilient to transient server-side errors. It will now automatically retry requests that fail with 502, 503, or 504 status codes.
Updated the Docker image to: demisto/python3:3.12.11.4284848.

Related pull requests:
- 40740

Download

2.0.18 - R3980324 (June 26, 2025)

Integrations

Recorded Future Attack Surface Intelligence

Metadata and documentation improvements.

Related pull requests:
- 39131

Download

2.0.17 - R2989425 (March 26, 2025)

Integrations

Recorded Future Attack Surface Intelligence

Code functionality improvements.
Updated the Docker image to: demisto/python3:3.11.10.116949.

Related pull requests:
- 37472

Download

2.0.16 - 1748140 (December 4, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.11.10.115186.

Related pull requests:
- 37528
- 37524
- 37525
- 37526
- 37527

Download

2.0.15 - R1709192 (November 26, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.14.91134.

Related pull requests:
- 33675

Download

2.0.14 - 839519 (February 20, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.87159.

Related pull requests:
- 33007

Download

2.0.13 - 797274 (January 31, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.86272.

Related pull requests:
- 32533

Download

2.0.12 - 762016 (January 14, 2024)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.84405.

Related pull requests:
- 32183

Download

2.0.11 - 722180 (December 28, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.83255.

Related pull requests:
- 31828

Download

2.0.10 - 6864790 (November 12, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Added the API key integration parameter to support credentials fetching object.
Updated the Docker image to: demisto/python3:3.10.13.80014.

Related pull requests:
- 30780
- 30474

Download

2.0.9 - R6592021 (October 13, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.13.72123.

Related pull requests:
- 29456

Download

2.0.8 - 6117817 (August 22, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.68714.

Related pull requests:
- 29103

Download

2.0.7 - 5976562 (August 7, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.67728.

Related pull requests:
- 28805

Download

2.0.6 - R5866730 (July 25, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.65389.

Related pull requests:
- 28387

Download

2.0.5 - 5668905 (July 2, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27820

Download

2.0.4 - 5546375 (June 16, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.12.62631.

Related pull requests:
- 27334

Download

2.0.3 - 5363095 (May 25, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Updated the Docker image to: demisto/python3:3.10.11.61265.

Related pull requests:
- 26993

Download

2.0.2 - 5235737 (May 10, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Fixed the parsing of the flag to expand issues grouped by host

Related pull requests:
- 26420
- 26430

Download

2.0.1 - 5226855 (May 9, 2023)

Integrations

Recorded Future Attack Surface Intelligence

Fixed a library incompatibility by downgrading the Docker image to: demisto/python3:3.10.6.33415.

Related pull requests:
- 26405

Download

2.0.0 - 5218044 (May 8, 2023)

Incident Fields

New: Recorded Future Attack Surface Intelligence Triggered Rules
New: Recorded Future Attack Surface Intelligence Attack Surface Rule
New: Recorded Future Attack Surface Intelligence Affected Hosts

Incident Types

Recorded Future ASI Alert

Integrations

Recorded Future Attack Surface Intelligence

User can configure minimum severity
Incident limit exceedance warning
User configurable history groupings
- By Issue
- By Host
- By Host & By Issue
Updated the Docker image to: demisto/python3:3.10.11.57293.

Mappers

New: Recorded Future ASI - Incoming Mapper

(Available from Cortex XSOAR 6.8.0).

Related pull requests:
- 26389
- 26124

Download

1.0.2 - R5170573 (May 2, 2023)

Changes are not relevant for XSIAM marketplace.

Related pull requests:
- 24223

Download

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Partner
Created	August 31, 2022
Last Release	March 22, 2026

WORKS WITH THE FOLLOWING INTEGRATIONS:

Recorded Future Attack Surface Intelligence

DISCLAIMER

By downloading or using Marketplace content, you agree to the applicable Terms of Use and End User License Agreement. Third-party content is provided by its publisher, and Palo Alto Networks does not warrant, endorse, support, or assume responsibility for content not expressly identified as owned by Palo Alto Networks.