Enrich source and destination IP information using SecureTrack. Returns information such as the associated zones, network objects and policies for the addresses, if the addresses are network devices, and a topology map from source to destination.
Tufin
- Details
- Content
- Dependencies
- Version History
Gather network intelligence from SecureTrack and SecureApp, perform topology queries in SecureTrack, and submit change tickets from SecureChange.
Playbooks
| Name | Description |
|---|---|
| Tufin - Enrich Source & Destination IP Information | |
| Tufin - Enrich IP Address(es) | Enrich a single IP using SecureTrack. Returns information such as the associated zones, network objects and policies for the address, and if the address is network device. |
| Tufin - Investigate Network Alert | Example Playbook utilizing the Tufin integration to enrich a network alert and perform containment, if needed. Requires the following incident details: Source IP, Destination IP, Destination Ports |
| Tufin - Get Network Device Info by IP Address | Use a device's IP address to gather information about the device, including basic device information, USP zone(s), and policies related to the device. |
| Tufin - Get Application Information from SecureApp | Search SecureApp by application name and retrieve basic application information and all application connections. |
Integrations
| Name | Description |
|---|---|
| Tufin (Partner Contribution) | Retrieve and analyze network access controls across Tufin-managed firewalls, SDN, and public cloud to identify vulnerable access paths of an attack |
Playbooks
| Name | Description |
|---|---|
| Tufin - Enrich Source & Destination IP Information | Enrich source and destination IP information using SecureTrack. Returns information such as the associated zones, network objects and policies for the addresses, if the addresses are network devices, and a topology map from source to destination. |
| Tufin - Enrich IP Address(es) | Enrich a single IP using SecureTrack. Returns information such as the associated zones, network objects and policies for the address, and if the address is network device. |
| Tufin - Investigate Network Alert | Example Playbook utilizing the Tufin integration to enrich a network alert and perform containment, if needed. Requires the following incident details: Source IP, Destination IP, Destination Ports |
| Tufin - Get Network Device Info by IP Address | Use a device's IP address to gather information about the device, including basic device information, USP zone(s), and policies related to the device. |
| Tufin - Get Application Information from SecureApp | Search SecureApp by application name and retrieve basic application information and all application connections. |
Integrations
| Name | Description |
|---|---|
| Tufin (Partner Contribution) | Retrieve and analyze network access controls across Tufin-managed firewalls, SDN, and public cloud to identify vulnerable access paths of an attack |
Required Content Packs (2)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Filters And Transformers | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
All level dependencies (1)
| Pack Name | Pack By |
|---|---|
| Filters And Transformers | By: Cortex XSOAR |
1.2.1 - R2146019 (December 21, 2021)
Integrations
Tufin
- Updated the Docker image to: demisto/netutils:1.0.0.24101.
1.2.0 - R400461 (July 20, 2021)
Pack has been Certified
1.1.1 - 124549 (September 23, 2020)
Integrations
Tufin
- Upgraded the Docker image.
1.1.0 - R124496 (September 23, 2020)
Integrations
Tufin
- Minor updates
Playbooks
Tufin - Enrich IP Address(es)
- Added new playbook
Tufin - Get Network Device Info by IP Address
- Added new playbook
Tufin - Investigate Network Alert
- Added new playbook
Tufin - Get Application Information from SecureApp
- Added new playbook
Tufin - Enrich Source & Destination IP Information
- Added new playbook
PUBLISHER
Tufin
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Partner | |
| Created | July 22, 2020 | |
| Last Release | March 1, 2023 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
