Forescout EyeInspect v1.0.27

Get in-depth device visibility for OT networks

Author:
Cortex XSOAR
Support:
xsoar
URL:
https://www.paloaltonetworks.com/cortex
agentixxsiam
Network Security

Classifiers (1)

Incident types (1)

Integrations (1)

README

This pack enables you to gain complete device visibility in-depth device visibility for your computing systems that are used to manage industrial operations.

What does this pack do?

  • Retrieve information about the hosts, links, and alerts in the eyeInspect CC database.
  • Retrieve information about a specific vulnerability stored in the eyeInspect CC database.
  • Retrieve the PCAP file associated to a given alert.
  • Retrieve information about the sensors associated to the eyeInspect CC.
  • Retrieve information about the modules of a specified sensor.
  • Change the properties of specified module.
  • Delete the specified module from the specified sensor and from the eyeInspect CC database.
  • Retrieve the IP blacklist from the Industrial Threat Library of a specified sensor.
  • Add a new entry to the IP blacklist from the Industrial Threat Library of a specified sensor.
  • Retrieve the domain name blacklist from the Industrial Threat Library of a specified sensor.
  • Add a new entry to the domain name blacklist from the Industrial Threat Library of a specified sensor.
  • Retrieve the SSL client application blacklist from the Industrial Threat Library of a specified sensor.
  • Add a new entry to the SSL client application blacklist from the Industrial Threat Library of a specified sensor.
  • Retrieve the file operation blacklist from the Industrial Threat Library of a specified sensor.
  • Add entries to the file operation blacklist from the Industrial Threat Library of a specified sensor.
  • Retrieve information about all monitored Command Center resources and their health status excluding the logs.
  • Download the ZIP file that contains diagnostic logs of the Command Center.
  • Get, create, update, delete group policies.
  • Add all hosts not assigned to any policy (individual or group) matching the filter to the group policy.
  • Unassign all hosts assigned to the group policy matching the filter.
  • Get all IP reuse domains.
  • Retrieve information about the changes of host properties and configuration from the eyeInspect CC database.