DarktraceMBs
Rapid detection of malicious behaviour can make all the difference in the response to a security event. This pack includes configurations to combine the world-class threat detection of Darktrace with the synchrony and automation abilities of XSOAR, allowing security teams to investigate model breaches and all model breach related actions (such as commenting, acknowledging and model logic info).
Network Security · Darktrace
Configuration parameters
url— Server URL (e.g. https://example.net) (required)isFetch— Fetch incidentsinsecure— Trust any certificate (not secure)proxy— Use system proxy settingsincidentType— Incident typepublicApiKey— Public API Token (required)privateApiKey— Private API Token (required)min_score— Minimum Score (required)max_fetch— Maximum Model Breaches per Fetchfirst_fetch— First fetch time
Commands (8)
-
darktrace-acknowledge-model-breachAcknowledge a model breach as specified by Model Breach ID.
-
darktrace-get-modelFetch the configuration details behind a specified model.
-
darktrace-get-model-breachFetch details about a specific Model Breach.
-
darktrace-get-model-breach-commentsFetch all comments for a given model brach.
-
darktrace-get-model-breach-connectionsRetrieve connections relevant to a specified model breach.
-
darktrace-get-model-componentGet details of a component.
-
darktrace-post-comment-to-model-breachPost a comment to a model breach.
-
darktrace-unacknowledge-model-breachUnacknowledge a given model breach.