Darktrace ASM
This pack includes configurations to combine the world-class threat detection of Darktrace with the synchrony and automation abilities of XSOAR, allowing security teams to monitor their attack surface for risks, high-impact vulnerabilities and external threats.\nTo configure the connection to your Darktrace Attack Surface Management instance, you will provide:\n- Server URL of Darktrace ASM instance (ex: darktrace.yourcompany.com) and any necessary proxy information\n- The API Token from the Darktrace ASM instance.
Network Security · DarktraceASM
Configuration parameters
url— Server URL (e.g. https://soar.monstersofhack.com) (required)isFetch— Fetch incidentsincidentType— Incident typemax_fetch— Maximum number of incidents per fetchapikey— API Key (required)alert_type— Fetch alerts with typemin_severity— Minimum severity of alerts to fetchfirst_fetch— First fetch timeincidentFetchInterval— Incidents Fetch Interval
Commands (9)
-
darktrace-asm-assign-tagAssign an existing tag to a Darktrace ASM Asset within the Darktrace UI.
-
darktrace-asm-create-tagCreate a tag to assign to Darktrace ASM Assets within the Darktrace UI.
-
darktrace-asm-delete-commentEdit a comment within the Darktrace UI.
-
darktrace-asm-edit-commentEdit a comment within the Darktrace UI.
-
darktrace-asm-get-assetGet a specific Darktrace ASM Asset.
-
darktrace-asm-get-riskGet a specific Darktrace ASM Risk.
-
darktrace-asm-mitigate-riskMitigate Darktrace ASM Risk within the Darktrace UI.
-
darktrace-asm-post-commentPost a comment to a Darktrace ASM risk or asset within the Darktrace UI.
-
darktrace-asm-unassign-tagUnassign an existing tag to a Darktrace ASM Asset within the Darktrace UI.