Darktrace ASM

This pack includes configurations to combine the world-class threat detection of Darktrace with the synchrony and automation abilities of XSOAR, allowing security teams to monitor their attack surface for risks, high-impact vulnerabilities and external threats.\nTo configure the connection to your Darktrace Attack Surface Management instance, you will provide:\n- Server URL of Darktrace ASM instance (ex: darktrace.yourcompany.com) and any necessary proxy information\n- The API Token from the Darktrace ASM instance.

Network Security · DarktraceASM

Configuration parameters

  • url — Server URL (e.g. https://soar.monstersofhack.com) (required)
  • isFetch — Fetch incidents
  • incidentType — Incident type
  • max_fetch — Maximum number of incidents per fetch
  • apikey — API Key (required)
  • alert_type — Fetch alerts with type
  • min_severity — Minimum severity of alerts to fetch
  • first_fetch — First fetch time
  • incidentFetchInterval — Incidents Fetch Interval

Commands (9)

  • darktrace-asm-assign-tag

    Assign an existing tag to a Darktrace ASM Asset within the Darktrace UI.

  • darktrace-asm-create-tag

    Create a tag to assign to Darktrace ASM Assets within the Darktrace UI.

  • darktrace-asm-delete-comment

    Edit a comment within the Darktrace UI.

  • darktrace-asm-edit-comment

    Edit a comment within the Darktrace UI.

  • darktrace-asm-get-asset

    Get a specific Darktrace ASM Asset.

  • darktrace-asm-get-risk

    Get a specific Darktrace ASM Risk.

  • darktrace-asm-mitigate-risk

    Mitigate Darktrace ASM Risk within the Darktrace UI.

  • darktrace-asm-post-comment

    Post a comment to a Darktrace ASM risk or asset within the Darktrace UI.

  • darktrace-asm-unassign-tag

    Unassign an existing tag to a Darktrace ASM Asset within the Darktrace UI.