Stairwell | Marketplace

Details
Content
Dependencies
Version History

Inception is a security intelligence engine that automates the continuous capture, storage, and analysis of executable files.

Stairwell Inception

Inception's APIs leverage auth tokens via the web interface. Directions for generating these tokens, along with API documentation, are available within your Inception tenant.

Not a customer and interested in signing up? You can request access here.

Variant Discovery

This command enables rapid, DFIR-level hunts for variants of a provided hash. This hunt will leverage data from your organization, along with Inceptions shared malware corpus.
The results will include any variant file hashes discovered, along with a similarity score.

File Enrichment

This command enables instant enrichment of a provided hash. This enrichment will leverage data from your organization, along with Inceptions shared malware corpus.
The results will include:

Hash details
Seen asset(s)
Matching YARA
AV verdicts
Path/filename details

Stairwell Inception

Inception's APIs leverage auth tokens via the web interface. Directions for generating these tokens, along with API documentation, are available within your Inception tenant.

Not a customer and interested in signing up? You can request access here.

Variant Discovery

This command enables rapid, DFIR-level hunts for variants of a provided hash. This hunt will leverage data from your organization, along with Inceptions shared malware corpus.
The results will include any variant file hashes discovered, along with a similarity score.

File Enrichment

This command enables instant enrichment of a provided hash. This enrichment will leverage data from your organization, along with Inceptions shared malware corpus.
The results will include:

Hash details
Seen asset(s)
Matching YARA
AV verdicts
Path/filename details

Integrations

Name	Description
Stairwell Inception (Partner Contribution)	Stairwell Inception is a security intelligence engine that automates the continuous capture, storage, and of executable files and other primary security artifacts to improve detection and response against advanced attacks that evade traditional security tools.

Integrations

Name	Description
Stairwell Inception (Partner Contribution)	Stairwell Inception is a security intelligence engine that automates the continuous capture, storage, and of executable files and other primary security artifacts to improve detection and response against advanced attacks that evade traditional security tools.

Pack Name	Pack By
Base	By: Cortex XSOAR

Pack Name	Pack By
Base	By: Cortex XSOAR

1.0.16 - 842208 (February 21, 2024)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.13.87159.

Related pull requests:
- 33040

Download

1.0.15 - 803390 (February 4, 2024)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.13.86272.

Related pull requests:
- 32683

Download

1.0.14 - 762016 (January 14, 2024)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.13.84405.

Related pull requests:
- 32183

Download

1.0.13 - 722180 (December 28, 2023)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.13.83255.

Related pull requests:
- 31828

Download

1.0.12 - 6894987 (November 15, 2023)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.13.80014.

Related pull requests:
- 30914

Download

1.0.11 - R6303396 (September 12, 2023)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.13.72123.

Related pull requests:
- 29530

Download

1.0.10 - 6129053 (August 23, 2023)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.12.68714.

Related pull requests:
- 29149

Download

1.0.9 - 5976562 (August 7, 2023)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.12.67728.

Related pull requests:
- 28805

Download

1.0.8 - R5866730 (July 25, 2023)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.12.65389.

Related pull requests:
- 28410

Download

1.0.7 - R5801668 (July 18, 2023)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27520

Download

1.0.6 - 5401502 (May 30, 2023)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.11.61265.

Related pull requests:
- 27049

Download

1.0.5 - 5277943 (May 16, 2023)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.11.58677.

Related pull requests:
- 26476

Download

1.0.4 - R5170573 (May 2, 2023)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.11.54132.
API output example updates
Human-readable output of enrichment now shows Mal-Eval verdict
Enrichment now displays SHA1 hash

Related pull requests:
- 25763
- 25027

Download

1.0.3 - 4718798 (March 1, 2023)

Integrations

Stairwell Inception

Updated the Docker image to: demisto/python3:3.10.10.48392.

Related pull requests:
- 24958

Download

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Partner
Created	November 9, 2022
Last Release	February 21, 2024

Malware

Threat Intelligence Management

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.