Skip to main content

Mandiant Automated Defense

Download With Dependencies

Mandiant Automated Defense Pack

This pack pulls open investigations created by Mandiant Automated Defense (MAD) into XSOAR. On top of pulling valuable data created by MAD into XSOAR, a user can assign someone to the investigation, change the investigation description, and close an investigation all from the XSOAR UI.

The pack has several commands

  • mad-get-incident - get a specific investigation, open or closed, from MAD
  • mad-assign-user - assign a specific user to an investigation
  • mad-remove-user - remove a specific user from an investigation
  • mad-close-incident - close a specific investigation

Bi-directional mirroring is supported.

Currently, this pack has no playbooks.

This pack pulls open investigations created by Mandiant Automated Defense (MAD) into XSOAR. On top of pulling valuable data created by MAD into XSOAR, a user can assign someone to the investigation, change the investigation description, and close an investigation all from the XSOAR UI.

The pack has several commands

  • mad-get-incident - get a specific investigation, open or closed, from MAD
  • mad-assign-user - assign a specific user to an investigation
  • mad-remove-user - remove a specific user from an investigation
  • mad-close-incident - close a specific investigation

Bi-directional mirroring is supported.

Currently, this pack has no playbooks.

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByPartner
CreatedJune 8, 2021
Last ReleaseMarch 22, 2026
WORKS WITH THE FOLLOWING INTEGRATIONS:
DISCLAIMER
By downloading or using Marketplace content, you agree to the applicable Terms of Use and End User License Agreement. Third-party content is provided by its publisher, and Palo Alto Networks does not warrant, endorse, support, or assume responsibility for content not expressly identified as owned by Palo Alto Networks.