Skip to main content

Cisco Secure Malware Analytics

Download With Dependencies

Query and upload samples to Cisco threat grid.

Use this pack to fetch, manage, and query threat feeds and samples.

What does this pack do?

  • The Feed integration fetches indicators from Cisco Secure Malware Analytics (Threat Grid). When setting up this integration, select from which feeds to fetch indicators (for example: modified-hosts-dns, public-ip-check-dns, ransomware-dns, etc.).
  • The Cisco Threat Grid integration enables you to query and upload samples to Cisco's threat grid.
  • The playbooks enable detonating one or more files or URLs. The playbooks return relevant reports to the War Room and file/URL reputations to the context data.

Use this pack to fetch, manage, and query threat feeds and samples.

What does this pack do?

  • The Feed integration fetches indicators from Cisco Secure Malware Analytics (Threat Grid). When setting up this integration, select from which feeds to fetch indicators (for example: modified-hosts-dns, public-ip-check-dns, ransomware-dns, etc.).
  • The Cisco Threat Grid integration enables you to query and upload samples to Cisco's threat grid.
  • The playbooks enable detonating one or more files or URLs. The playbooks return relevant reports to the War Room and file/URL reputations to the context data.

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByCortex
CreatedJune 30, 2020
Last ReleaseNovember 28, 2024
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.