Cypho Threat Intelligence v1.0.1
The Cypho-XSOAR Content Pack automates incident management between Cypho and Cortex XSOAR. It includes 7 automations, 1 playbook, 23 incident types, and 72 incident fields, enabling users to assign incidents, add comments, update severity, approve or dismiss issues, download attachments, and fetch incidents from Cypho. This content pack ensures incidents in XSOAR accurately reflect the current state of Cypho tickets, streamlines workflows, reduces manual effort, and improves operational efficiency and compliance.
- Author:
- Mahammad Rahimov
- Support:
- community
Classifiers (2)
Dashboards (1)
- Cypho Incident Dashboard
Incident fields (71)
- Cypho Threat Intelligence Asset
- Cypho Threat Intelligence Attachments
- Cypho Threat Intelligence Category Name
- Cypho Threat Intelligence Checker
- Cypho Threat Intelligence Comments
- Cypho Threat Intelligence Confidence Score
- Cypho Threat Intelligence Date Detected by Cypho
- Cypho Threat Intelligence Date of Exposure
- Cypho Threat Intelligence Description
- Cypho Threat Intelligence Detail
- Cypho Threat Intelligence Detected Attack Type
- Cypho Threat Intelligence Detected Base Name
- Cypho Threat Intelligence Detected CPEs
- Cypho Threat Intelligence Detected CVE ID
- Cypho Threat Intelligence Detected CVE Score
- Cypho Threat Intelligence Detected CVE Severity
- Cypho Threat Intelligence Detected Content
- Cypho Threat Intelligence Detected Content Author Name
- Cypho Threat Intelligence Detected Content Page Count
- Cypho Threat Intelligence Detected Content Title
- Cypho Threat Intelligence Detected Developer
- Cypho Threat Intelligence Detected Domains
- Cypho Threat Intelligence Detected GitHub Owner Name
- Cypho Threat Intelligence Detected Host
- Cypho Threat Intelligence Detected Http Request Method
- Cypho Threat Intelligence Detected IP
- Cypho Threat Intelligence Detected New Record
- Cypho Threat Intelligence Detected New Record IP
- Cypho Threat Intelligence Detected Old Record
- Cypho Threat Intelligence Detected Old Record IP
- Cypho Threat Intelligence Detected Package Name
- Cypho Threat Intelligence Detected Parameter
- Cypho Threat Intelligence Detected Password
- Cypho Threat Intelligence Detected Payload
- Cypho Threat Intelligence Detected Phishing Domain Name
- Cypho Threat Intelligence Detected Port
- Cypho Threat Intelligence Detected Repository Name
- Cypho Threat Intelligence Detected Request Body
- Cypho Threat Intelligence Detected Request Headers
- Cypho Threat Intelligence Detected Response Headers
- Cypho Threat Intelligence Detected Serial Number
- Cypho Threat Intelligence Detected Service Name
- Cypho Threat Intelligence Detected Service Version
- Cypho Threat Intelligence Detected Targeted Brand Name
- Cypho Threat Intelligence Detected URL
- Cypho Threat Intelligence Detection Source
- Cypho Threat Intelligence Domain Same As Company Keyword Score
- Cypho Threat Intelligence Host Path
- Cypho Threat Intelligence ID
- Cypho Threat Intelligence Login Name
- Cypho Threat Intelligence Messages
- Cypho Threat Intelligence Not Parked Factor Score
- Cypho Threat Intelligence Product Name
- Cypho Threat Intelligence Recommendation
- Cypho Threat Intelligence Remediation SLA
- Cypho Threat Intelligence Risk Level
- Cypho Threat Intelligence SSL/TLS Certificate Expire Date
- Cypho Threat Intelligence Searching keyword
- Cypho Threat Intelligence Similarity Rate
- Cypho Threat Intelligence Status
- Cypho Threat Intelligence Status Reason
- Cypho Threat Intelligence Subject Alternative Names
- Cypho Threat Intelligence Subject Common Name
- Cypho Threat Intelligence Target Type
- Cypho Threat Intelligence Tenant Name
- Cypho Threat Intelligence Threat Intelligence Created at Time
- Cypho Threat Intelligence Threat Intelligence Impact
- Cypho Threat Intelligence Ticket Id
- Cypho Threat Intelligence Time to Assignment
- Cypho Threat Intelligence Title
- Cypho Threat Intelligence Updated at Time
Incident types (23)
- Cypho Critical Ports Monitoring
- Cypho Dark Web Exposure Monitoring
- Cypho Dns Information Monitoring
- Cypho Email Dns Records Monitoring
- Cypho Exploitable Ports Monitoring
- Cypho File Sharing Services Monitoring
- Cypho Github Secrets Monitoring
- Cypho IM Platform Suspicious Content
- Cypho Improper Access Control
- Cypho Injection Attacks
- Cypho Insecure Subdomains Monitoring
- Cypho Malware Analysis Services Monitoring
- Cypho PII Exposure Monitoring
- Cypho Phishing Monitoring
- Cypho Rogue Mobile Application Detection
- Cypho SSL Certificate Expiry Monitoring
- Cypho SSL Certificate Hostname Mismatch Monitoring
- Cypho Security Misconfiguration
- Cypho Sensitive Data Exposure Monitoring
- Cypho Social Media Account Impersonation Monitoring
- Cypho URL and Domain Analysis Services Monitoring
- Cypho Unclassified Incident
- Cypho Under Review Issues
Integrations (1)
Layouts (1)
Scripts (7)
README
Cypho is a security incident management platform, and this content pack automates the management of Cypho incidents within Cortex XSOAR. Incidents in Cypho can include alerts, issues, and tickets that require tracking, updates, and collaboration.
This Cypho content pack contains the Cortex XSOAR integration with Cypho that provides commands to assign incidents, add comments, update severity, approve or dismiss issues, download attachments, and fetch existing incidents from Cypho. It also includes a playbook to orchestrate these automations and manage incident workflows efficiently.
What does this pack do?
The integration included in this pack allows you to manage and update Cypho incidents directly from XSOAR, providing visibility and control over incident status, attachments, and assignees.
The playbook and automations included in this pack help you save time and automate repetitive tasks associated with incident management, such as:
⦁ Assigning incidents to the appropriate user or team.
⦁ Adding comments to track updates and actions on incidents.
⦁ Updating incident severity to reflect changing risk levels.
⦁ Approving or dismissing issues based on their relevance or resolution status.
⦁ Downloading attachments securely while ensuring only assigned incidents can be accessed.
⦁ Fetching incidents from Cypho into XSOAR for analysis and monitoring.
This content pack is designed to streamline incident management workflows, reduce manual effort, and improve operational efficiency while maintaining alignment with Cypho incident data.