Awake Security

Network Traffic Analysis.

Network Security · Awake Security

Configuration parameters

  • credentials — Credentials (required)
  • server — Awake Security server address (required)
  • unsecure — Trust any certificate (not secure)
  • isFetch — Fetch incidents
  • incidentType — Incident type
  • proxy — Use system proxy settings
  • threat_behaviors — Comma-separated list of threat behaviors to generate incidents for, e.g., "Exfiltration: SSL upload from non-browser to notable domain, Lateral Movement: Unix-based PSEXEC, C2: Possible ICMP tunnel"
  • fetch_interval — Period between incident fetch interval (in minutes) (required)
  • suspicious_threshold — Minimum threshold to determine an indicator suspicious in Demisto (required)
  • malicious_threshold — Minimum threshold to determine an indicator malicious in Demisto (required)
  • integrationReliability — Source Reliability
  • feedExpirationPolicy
  • feedExpirationInterval

Commands (8)

  • awake-pcap-download

    Download a PCAP.

  • awake-query-activities

    Query activities in Awake Security.

  • awake-query-devices

    Query devices in Awake Security.

  • awake-query-domains

    Query domains in Awake Security.

  • device

    Lookup and enrich a device.

  • domain

    Lookup and enrich a domain.

  • email

    Lookup and enrich an email address.

  • ip

    Lookup and enrich an IP address.