Retrieve and analyze network access controls across Tufin-managed firewalls, SDN, and public cloud to identify vulnerable access paths of an attack.
Tufin
- Details
- Content
- Dependencies
- Version History
Gather network intelligence from SecureTrack and SecureApp, perform topology queries in SecureTrack, and submit change tickets from SecureChange.
Integrations
| Name | Description |
|---|---|
| Tufin (Partner Contribution) |
Playbooks
| Name | Description |
|---|---|
| Tufin - Investigate Network Alert | Example Playbook utilizing the Tufin integration to enrich a network alert and perform containment, if needed. Requires the following incident details: Source IP, Destination IP, Destination Ports |
| Tufin - Enrich IP Address(es) | Enrich a single IP using SecureTrack. Returns information such as the associated zones, network objects and policies for the address, and if the address is network device. |
| Tufin - Get Network Device Info by IP Address | Use a device's IP address to gather information about the device, including basic device information, USP zone(s), and policies related to the device. |
| Tufin - Get Application Information from SecureApp | Search SecureApp by application name and retrieve basic application information and all application connections. |
| Tufin - Enrich Source & Destination IP Information | Enrich source and destination IP information using SecureTrack. Returns information such as the associated zones, network objects and policies for the addresses, if the addresses are network devices, and a topology map from source to destination. |
Integrations
| Name | Description |
|---|---|
| Tufin (Partner Contribution) | Retrieve and analyze network access controls across Tufin-managed firewalls, SDN, and public cloud to identify vulnerable access paths of an attack. |
Playbooks
| Name | Description |
|---|---|
| Tufin - Enrich Source & Destination IP Information | Enrich source and destination IP information using SecureTrack. Returns information such as the associated zones, network objects and policies for the addresses, if the addresses are network devices, and a topology map from source to destination. |
| Tufin - Get Network Device Info by IP Address | Use a device's IP address to gather information about the device, including basic device information, USP zone(s), and policies related to the device. |
| Tufin - Get Application Information from SecureApp | Search SecureApp by application name and retrieve basic application information and all application connections. |
| Tufin - Enrich IP Address(es) | Enrich a single IP using SecureTrack. Returns information such as the associated zones, network objects and policies for the address, and if the address is network device. |
| Tufin - Investigate Network Alert | Example Playbook utilizing the Tufin integration to enrich a network alert and perform containment, if needed. Requires the following alert details: Source IP, Destination IP, Destination Ports |
Required Content Packs (2)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Filters And Transformers | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
All level dependencies (2)
| Pack Name | Pack By |
|---|---|
| Filters And Transformers | By: Cortex XSOAR |
| Base | By: Cortex XSOAR |
1.2.5 - R1631266 (November 12, 2024)
- 33641
- 33516
- 33519
- 33515
- 33329
- 33314
- 33318
- 33328
- 33357
- 33344
- 33359
- 33458
- 33535
- 33534
- 33537
- 33552
- 33580
- 33553
- 33418
- 33583
- 33555
- 33556
- 33559
- 33560
- 33619
- 33591
- 33602
- 33600
- 33314
- 33318
- 33328
- 33357
- 33344
- 33359
- 33458
Download
Integrations
Tufin
- Updated the Docker image to: demisto/netutils:1.0.0.91356.
- 33641
- 33516
- 33519
- 33515
- 33329
- 33314
- 33318
- 33328
- 33357
- 33344
- 33359
- 33458
- 33535
- 33534
- 33537
- 33552
- 33580
- 33553
- 33418
- 33583
- 33555
- 33556
- 33559
- 33560
- 33619
- 33591
- 33602
- 33600
- 33314
- 33318
- 33328
- 33357
- 33344
- 33359
- 33458
Download
1.2.1 - R2146019 (December 21, 2021)
Integrations
Tufin
- Updated the Docker image to: demisto/netutils:1.0.0.24101.
1.2.0 - R400461 (July 20, 2021)
Pack has been Certified
1.1.1 - 124549 (September 23, 2020)
Integrations
Tufin
- Upgraded the Docker image.
PUBLISHER
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Partner | |
| Created | July 22, 2020 | |
| Last Release | November 12, 2024 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
