XMCyber
The XM Cyber integration creates unique incidents with valuable data collected daily, and enriches your existing incidents with attack simulation context. This enables you to prioritize your responses based on XM Cyber’s insights.
Data Enrichment & Threat Intelligence · XM Cyber
Configuration parameters
apikey— API Key (required)url— URL (required)proxy— Use system proxy settingsinsecure— Trust any certificate (not secure)isFetch— Fetch incidentsincidentType— Incident typemax_fetch— Maximum number of incidents per fetchfirst_fetch— First fetchintegrationReliability— Source ReliabilityfeedExpirationPolicy—feedExpirationInterval—
Commands (8)
-
xmcyber-affected-critical-assets-listList critical assets at risk from an entity and the complexity of the attack.
-
xmcyber-affected-entities-listList all entities at risk from an entity and the complexity of the attack.
-
xmcyber-enrich-from-entityIdReturn data on Entity by entityId from XM Cyber.
-
xmcyber-enrich-from-fieldsReturn data on an XM entity.
-
xmcyber-enrich-from-hostnameReturn data on Entity by hostname from XM Cyber.
-
xmcyber-enrich-from-ipReturn data on Entity by IP from XM Cyber.
-
xmcyber-version-getGet current xm version.
-
xmcyber-version-supportedCheck if current XM version supports Cortex Xsoar integration.