Accenture CTI v2 v2.2.48
Accenture CTI provides intelligence regarding security threats and vulnerabilities.
- Author:
- Accenture
- Support:
- partner
agentixxsiam
Data Enrichment & Threat Intelligence
Indicator fields (12)
- ACTI Abstract
- ACTI Analysis
- ACTI Attachment Links
- ACTI Conclusion
- ACTI Index Timestamp
- ACTI Last Modified
- ACTI Last Published
- ACTI Mitigation
- ACTI Report Title
- ACTI Severity
- ACTI Threat Types
- ACTI UUID
Indicator types (6)
- indicatortype-ACTI_Intelligence_Alert
- indicatortype-ACTI_Intelligence_Report
- indicatortype-ACTI_Malware_Family
- indicatortype-ACTI_Threat_Actor
- indicatortype-ACTI_Threat_Campaign
- indicatortype-ACTI_Threat_Group
Integrations (2)
Layouts (6)
Playbooks (7)
- ACTI Block High Severity Indicators Deprecated
- ACTI Block Indicators from an Incident Deprecated
- ACTI Create Report-Indicator Associations Deprecated
- ACTI Incident Enrichment
- ACTI Indicator Enrichment Deprecated
- ACTI Report Enrichment Deprecated
- ACTI Vulnerability Enrichment Deprecated
Scripts (1)
README
Accenture CTI v2
This pack has 2 sub-pack/integration namely:
- ACTI Indicator Query
- ACTI Vulnerability Query
This pack automates the detection of threats and the triage/investigation of incidents by importing Accenture CTI (ACTI) data and intelligence reports into the XSOAR platform. The incident-enrichment functionality not only alleviates tedious research tasks traditionally performed by analysts, but also automatically folds ACTI intelligence reports associated with a given incident into the incident. The result is a complete picture of what ACTI knows about any given threat the moment the analyst opens the XSOAR incident.
_____
What to expect from the Accenture Cyber Threat Intelligence (Accenture CTI v2) pack?
- A playbook that automatically queries Accenture’s IntelGraph API to pull context for IOC and associated intelligence reports into XSOAR incidents.
- Reputation Commands to query for network-level indicators (IP, Domain, and URL).
- Command to query for ACTI intelligence reports.
- Command to query ACTI Vulnerability database.
- The pack also includes a playbook which helps to enrich indicators present in incident with related ACTI Intelligence Alert, ACTI Intelligence Report, ACTI Malware Family, ACTI Threat Actor, ACTI Threat Campaign, ACTI Threat Group if present in Accenture IntelGraph.