TwinWave's threat analysis platform analyzes both URLs and files to detect credential phishing and malware threats. Our platform automatically navigates complex attack chains that attackers put in front of threats in order to evade analysis. In addition to detecting threats, the TwinWave platform generates actionable intelligence for threat hunting and other activities.
What does this pack do?
The playbooks in this pack are used to integrate with the TwinWave threat analysis platform. Use TwinWave to:
- investigate potentially malicious URLs
- investigate potentially malicious files, such as PDFs, Word documents, executables, etc.
- automatically triage high-volume incident streams, such as user-reported phish emails, or HTTP proxy URL exceptions
- capture and analyze forensic artifacts associated with potential threats
To learn more about TwinWave, visit the TwinWave website