Maps incoming Trend Micro CAS fields
Trend Micro Cloud App Security
- Details
- Content
- Dependencies
- Version History
Use Trend Micro - Cloud App Security to: Log retrieval - Threat investigation: - Threat mitigation - Threat remediation - Intelligent investigation.
Classifiers
| Name | Description |
|---|---|
trend micro cas classifier | |
TrendMicroCAS - incoming - mapper |
Incident Types
| Name | Description |
|---|---|
Trend Micro CAS Event |
Integrations
| Name | Description |
|---|---|
| Trend Micro Cloud App Security | Use Trend Micro Cloud App Security integration to protect against ransomware, phishing, malware, and unauthorized transmission of sensitive data for cloud applications, such as Microsoft 365, Box, Dropbox, Google G Suite and Salesforce. |
Layouts
| Name | Description |
|---|---|
Trend Micro CAS |
Playbooks
| Name | Description |
|---|---|
Trend Micro CAS - Take Action On Emails | This playbook runs various actions on emails, such as deleting and quarantine email messages, using the "trendmicro-cas-email-take-action" command and returns the results from the "trendmicro-cas-email-action-result-query" command. |
Trend Micro CAS - Take Action On User Accounts | This playbook runs various actions on a user's account, such as disabling accounts, requesting multi-factor authentication, and requesting a password, using the "trendmicro-cas-user-take-action" command and returns the result using the "trendmicro-cas-user-action-result-query" command. |
| Trend Micro CAS - Indicators Hunting | In this playbook, the 'trendmicro-cas-email-sweep' command is used to automatically hunt for and detect IOCs within email messages protected by Cloud App Security (CAS). Note that multiple search values should be separated by commas only (without spaces or any special characters). Supported IOCs for this playbook:
Separate searches are conducted for each type of indicator in the playbook. |
Classifiers
| Name | Description |
|---|---|
trend micro cas classifier | |
TrendMicroCAS - incoming - mapper | Maps incoming Trend Micro CAS fields |
Incident Types
| Name | Description |
|---|---|
Trend Micro CAS Event |
Integrations
| Name | Description |
|---|---|
| Trend Micro Cloud App Security | Use Trend Micro Cloud App Security integration to protect against ransomware, phishing, malware, and unauthorized transmission of sensitive data for cloud applications, such as Microsoft 365, Box, Dropbox, Google G Suite and Salesforce. |
Playbooks
| Name | Description |
|---|---|
Trend Micro CAS - Take Action On Emails | This playbook runs various actions on emails, such as deleting and quarantine email messages, using the "trendmicro-cas-email-take-action" command and returns the results from the "trendmicro-cas-email-action-result-query" command. |
Trend Micro CAS - Take Action On User Accounts | This playbook runs various actions on a user's account, such as disabling accounts, requesting multi-factor authentication, and requesting a password, using the "trendmicro-cas-user-take-action" command and returns the result using the "trendmicro-cas-user-action-result-query" command. |
| Trend Micro CAS - Indicators Hunting | In this playbook, the 'trendmicro-cas-email-sweep' command is used to automatically hunt for and detect IOCs within email messages protected by Cloud App Security (CAS). Note that multiple search values should be separated by commas only (without spaces or any special characters). Supported IOCs for this playbook:
Separate searches are conducted for each type of indicator in the playbook. |
Required Content Packs (4)
| Pack Name | Pack By |
|---|---|
| Common Playbooks | By: Cortex XSOAR |
| Filters And Transformers | By: Cortex XSOAR |
| Base | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
Optional Content Packs (3)
| Pack Name | Pack By |
|---|---|
| Common Types | By: Cortex XSOAR |
| Phishing | By: Cortex XSOAR |
| Malware Core | By: Cortex XSOAR |
All level dependencies (6)
| Pack Name | Pack By |
|---|---|
| Common Scripts | By: Cortex XSOAR |
| Cortex REST API | By: Cortex XSOAR |
| Common Playbooks | By: Cortex XSOAR |
| Rasterize | By: Cortex XSOAR |
| MITRE ATT&CK | By: Cortex XSOAR |
| Filters And Transformers | By: Cortex XSOAR |
1.1.0 - 4427603 (January 19, 2023)
- 23373
Download
Playbooks
New: Trend Micro CAS - Indicators Hunting
Created a new playbook for threat hunting and detection of IOCs within email messages protected by Trend Micro Cloud App Security utilizing the trendmicro-cas-email-sweep command. Supported IOCs for this playbook are: IP addresses, CIDR, file names, file types, SHA1 hashes, URLs, domains, and email addresses. Separate searches are conducted for each type of indicator in the playbook.
- 23373
Download
PUBLISHER
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | November 9, 2020 | |
| Last Release | May 2, 2023 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
