Identifier Reputation Analysis Dispatch

Description

Detects available indicators and routes them to indicator reputation analysis playbooks. The output of the analysis will update any artifacts, tasks, and indicator tags.

Type: Investigation
Product: Splunk SOAR
Apps:
Last Updated: 2023-01-11
Author: Kelby Shelton, Splunk
ID: fc0edc96-ff2b-48b0-9b4d-63da6783fd64

Associated Detections

How To Implement

This playbook looks for artifacts and then dispatches the community Reputation playbooks. This playbook takes the output of those playbooks and nicely formats them into notes and tags indicators with their results.

Explore Playbook

Required field

Reference

https://d3fend.mitre.org/technique/d3f:IdentifierReputationAnalysis/

source | version: 1

Twitter Facebook LinkedIn

Identifier Reputation Analysis Dispatch

Description

Associated Detections

How To Implement

Explore Playbook

Required field

Reference

You May Also Enjoy

Windows Proxy Via Netsh

Windows Ldifde Directory Object Behavior

Windows Proxy Via Registry

Network Share Discovery Via Dir Command