Splunk_Attack_Analyzer_Dynamic_Analysis

Description

Accepts url link, domain or vault_id (hash) to be detonated using Splunk Attacker (SAA) API connector. This playbook produces a normalized output for each user and device.

Type: Investigation
Product: Splunk SOAR
Apps: Splunk Attack Analyzer API
Last Updated: 2023-03-24
Author: Teoderick Contreras, Splunk
ID: c77faffe-1339-43b0-b870-86582da9063e

Associated Detections

How To Implement

This input playbook requires the SAA API connector to be configured. It is designed to work in conjunction with the Dynamic Attribute Lookup playbook or other playbooks in the same style.

Splunk_Attack_Analyzer_Dynamic_Analysis

Description

Associated Detections

How To Implement

Explore Playbook

Required field

Reference

You May Also Enjoy

Windows MOVEit Transfer Writing ASPX

Windows Proxy Via Netsh

Windows Ldifde Directory Object Behavior

Windows Proxy Via Registry