Skip to content

Commit

Permalink
Input playbook for the new Talos app
Browse files Browse the repository at this point in the history
  • Loading branch information
@tapishj-splunk
tapishj-splunk committed Jan 17, 2025
1 parent 0e32902 commit 27e8208
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions playbooks/CiscoTalosIntelligence_Identifier_Reputation_Analysis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,11 @@ author: Kelby Shelton, Tapish Jain, Splunk
type: Investigation
description: "Accepts a URL, IP or Domain and provides intelligence on the objects. Generates a per observable report that includes the objects threat level, threat categories, acceptable use categories and score."
playbook: CiscoTalosIntelligence_Identifier_Reputation_Analysis
how_to_implement: This input playbook requires the Cisco Talos Intelligence connector to be configured.
how_to_implement: This input playbook requires the Cisco Talos Intelligence connector to be configured and a Splunk SOAR cloud license.
references:
- https://d3fend.mitre.org/technique/d3f:IdentifierReputationAnalysis/
app_list:
- VirusTotal v3
- Cisco Talos Intelligence
tags:
platform_tags:
- reputation
Expand All @@ -22,6 +22,6 @@ tags:
vpe_type: Modern
playbook_fields: []
product:
- Splunk SOAR
- Splunk SOAR Cloud
use_cases:
- Enrichment

0 comments on commit 27e8208

Please sign in to comment.