Maps incoming Trend Micro CAS fields
Trend Micro Cloud App Security
- Details
- Content
- Dependencies
- Version History
Use Trend Micro - Cloud App Security to: Log retrieval - Threat investigation: - Threat mitigation - Threat remediation - Intelligent investigation.
Classifiers
| Name | Description |
|---|---|
trend micro cas classifier | |
TrendMicroCAS - incoming - mapper |
Layouts
| Name | Description |
|---|---|
Trend Micro CAS |
Incident Types
| Name | Description |
|---|---|
Trend Micro CAS Event |
Playbooks
| Name | Description |
|---|---|
Trend Micro CAS - Take Action On User Accounts | This playbook runs various actions on a user's account, such as disabling accounts, requesting multi-factor authentication, and requesting a password, using the "trendmicro-cas-user-take-action" command and returns the result using the "trendmicro-cas-user-action-result-query" command. |
| Trend Micro CAS - Indicators Hunting | In this playbook, the 'trendmicro-cas-email-sweep' command is used to automatically hunt for and detect IOCs within email messages protected by Cloud App Security (CAS). Note that multiple search values should be separated by commas only (without spaces or any special characters). Supported IOCs for this playbook:
Separate searches are conducted for each type of indicator in the playbook. |
Trend Micro CAS - Take Action On Emails | This playbook runs various actions on emails, such as deleting and quarantine email messages, using the "trendmicro-cas-email-take-action" command and returns the results from the "trendmicro-cas-email-action-result-query" command. |
Integrations
| Name | Description |
|---|---|
| Trend Micro Cloud App Security | Use Trend Micro Cloud App Security integration to protect against ransomware, phishing, malware, and unauthorized transmission of sensitive data for cloud applications, such as Microsoft 365, Box, Dropbox, Google G Suite and Salesforce. |
Classifiers
| Name | Description |
|---|---|
trend micro cas classifier | |
TrendMicroCAS - incoming - mapper | Maps incoming Trend Micro CAS fields |
Incident Types
| Name | Description |
|---|---|
Trend Micro CAS Event |
Playbooks
| Name | Description |
|---|---|
Trend Micro CAS - Take Action On User Accounts | This playbook runs various actions on a user's account, such as disabling accounts, requesting multi-factor authentication, and requesting a password, using the "trendmicro-cas-user-take-action" command and returns the result using the "trendmicro-cas-user-action-result-query" command. |
| Trend Micro CAS - Indicators Hunting | In this playbook, the 'trendmicro-cas-email-sweep' command is used to automatically hunt for and detect IOCs within email messages protected by Cloud App Security (CAS). Note that multiple search values should be separated by commas only (without spaces or any special characters). Supported IOCs for this playbook:
Separate searches are conducted for each type of indicator in the playbook. |
Trend Micro CAS - Take Action On Emails | This playbook runs various actions on emails, such as deleting and quarantine email messages, using the "trendmicro-cas-email-take-action" command and returns the results from the "trendmicro-cas-email-action-result-query" command. |
Integrations
| Name | Description |
|---|---|
| Trend Micro Cloud App Security | Use Trend Micro Cloud App Security integration to protect against ransomware, phishing, malware, and unauthorized transmission of sensitive data for cloud applications, such as Microsoft 365, Box, Dropbox, Google G Suite and Salesforce. |
Required Content Packs (4)
| Pack Name | Pack By |
|---|---|
| Common Playbooks | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
| Base | By: Cortex XSOAR |
| Filters And Transformers | By: Cortex XSOAR |
Optional Content Packs (3)
| Pack Name | Pack By |
|---|---|
| Malware Core | By: Cortex XSOAR |
| Common Types | By: Cortex XSOAR |
| Phishing | By: Cortex XSOAR |
All level dependencies (6)
| Pack Name | Pack By |
|---|---|
| Filters And Transformers | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
| Rasterize | By: Cortex XSOAR |
| MITRE ATT&CK | By: Cortex XSOAR |
| Common Playbooks | By: Cortex XSOAR |
| Cortex REST API | By: Cortex XSOAR |
1.1.0 - 4427603 (January 19, 2023)
- 23373
Download
Playbooks
New: Trend Micro CAS - Indicators Hunting
Created a new playbook for threat hunting and detection of IOCs within email messages protected by Trend Micro Cloud App Security utilizing the trendmicro-cas-email-sweep command. Supported IOCs for this playbook are: IP addresses, CIDR, file names, file types, SHA1 hashes, URLs, domains, and email addresses. Separate searches are conducted for each type of indicator in the playbook.
- 23373
Download
1.0.11 - 2962208 (May 22, 2022)
Integrations
Trend Micro Cloud App Security
- Updated the Docker image to: demisto/python3:3.10.4.29342.
1.0.10 - 2674843 (March 30, 2022)
Integrations
Trend Micro Cloud App Security
- Added type validations and other internal code improvements.
PUBLISHER
Cortex
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | November 9, 2020 | |
| Last Release | March 8, 2023 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
