Brandefense

Branddefense is looking for data for each brand and collecting information and alarming the related brand about dark web finding (credentials, similar domain names etc.) related to the firm.With Brandefense integration it is possible to automate Brand related alarms and breach notifications, actions and much more.

Data Enrichment & Threat Intelligence · Brandefense

Configuration parameters

  • url — Server URL (e.g., https://api.brandefense.io/api/v1/incidents) (required)
  • max_fetch — Maximum number of alerts per fetch
  • credentials — (required)
  • threshold_ip — Score threshold for IP reputation command
  • first_fetch — First fetch time
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings

Commands (13)

  • branddefense-change-incident-status

    Change the status of an existing incident on Brandefense.

  • branddefense-create-threat-search

    Create Threat Search endpoint allows you to post indicator of compromises to investigate suspicious/malicious IP, Domain, URL address or Hash values.

  • branddefense-get-assets

    Gets assets from Brandefense.

  • branddefense-get-audit-logs

    Get audit logs from Brandefense platform.

  • branddefense-get-cti-rules

    Get CTI rules from Brandefense.

  • branddefense-get-incident-indicators

    Get indicators related to an incident on Brandefense using incident's code.

  • branddefense-get-incidents

    Get incidents from the Brandefense platform.

  • branddefense-get-indicators

    The required ioc_type parameter allows you to select Indicators of Compromise (IoCs) types from the threat lists on Brandefense.

  • branddefense-get-ioc

    Get IOCs from Brandefense.

  • branddefense-get-specific-asset

    Call a specific asset from Brandefense.

  • branddefense-get-specific-audit-log

    Get a specific audit log from Brandefense platform.

  • branddefense-get-specific-incident

    Search for a specific incident on Brandefense.

  • branddefense-get-threat-search

    Get Threat Search endpoint allows you to investigate indicator of compromises by UUID.