Plugins
Updates
Name | Version | Details |
---|---|---|
Zscaler | 1.3.0 | Add Get Blacklist URL action |
Elasticsearch | 2.0.3 | Updated Search Documents action output schema |
Proofpoint TAP | 1.0.8 | Fix finding e-mail in header_from for e-mails addresses with [.]
|
Shodan | 1.1.0 | Add example inputs |
WHOIS | 3.0.1 | Clean up help.md formatting |
Jira | 6.0.4 | Update to v4 Python plugin runtime |
AbuseIPDB | 5.0.4 | Update to v4 Python plugin runtime |
Microsoft Office365 Email Security | 2.2.4 | Add example inputs in all actions |
Type Converter | 1.7.0 | New action Array Diff |
Workflows
New Releases
Name | Version | Details |
---|---|---|
Blacklist URLs with Zscaler from Microsoft Teams | 1.0.0 | Initial workflow |
Apply Asset Tag with InsightVM from Slack | 1.0.0 | Initial workflow |
Updates
Name | Version | Details |
---|---|---|
Alert on Presence of Zero Logon Vulnerability with Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Send Remediated Vulnerabilities Message in Microsoft Teams from InsightVM | 2.0.1 | Update Microsoft Teams to version 3.1.0 |
Alert on New High Risk Vulnerability in InsightVM with Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Block Host with Cisco ASA Firewall from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Quarantine Endpoint with Carbon Black EDR from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Quarantine Endpoint with CrowdStrike Falcon from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Enrich CVE with Recorded Future from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Manage Watched Domains with Darktrace from Microsoft Teams | 1.0.2 | Update documentation |
Manage Expiring Vulnerability Exceptions with InsightVM and Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Enrich Indicators with OSINT from Microsoft Teams | 2.0.1 | Update Microsoft Teams to version 3.1.0 |
Delete Assets with InsightVM from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Quarantine Endpoint with Microsoft Defender ATP from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
List All Inactive Assets with InsightVM from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Enrich URLs and Domains with VirusTotal from Microsoft Teams | 1.1.1 | Update Microsoft Teams to version 3.1.0 |
Blacklist Hash with Sophos Central from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Blacklist Indicators with Microsoft Defender ATP from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Quarantine Endpoint with CylanceOPTICS from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Check Host Block Status with Cisco ASA from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Quarantine Endpoint with Rapid7 Insight Agent from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
Quarantine Endpoint with SentinelOne from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Blacklist Hash with Broadcom Symantec Endpoint Protection from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Blacklist Indicators with Trend Micro Apex from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Quarantine Endpoint with Trend Micro Apex from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Blacklist Hash with SentinelOne from Microsoft Teams | 1.1.0 | Update to use latest SentinelOne and Microsoft Teams plugins |
Blacklist Hash with CylancePROTECT from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Quarantine Endpoint with Broadcom Symantec Endpoint Protection from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Quarantine Endpoint with VMware Carbon Black Cloud from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Virtually Patch Vulnerabilities Found by InsightVM with Deep Security | 1.1.0 | Improve the job run time |
Blacklist Hash with SentinelOne from Slack | 1.1.0 | Update to use latest SentinelOne plugin |
Scan Asset with InsightVM from Microsoft Teams | 1.1.0 | Replace the Settings step with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Block Host with Check Point Firewall from Microsoft Teams | 1.0.4 | Update workflow to use version 3.1.0 of the Microsoft Teams plugin |
Block Host with Fortinet Firewall from Microsoft Teams | 1.1.2 | Update Microsoft Teams to version 3.1.0 |
Lookup InsightVM Host Info from Microsoft Teams | 1.1.0 | Replace the Settings step with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Lookup Vulnerability from Microsoft Teams | 1.1.0 | Replace the Settings step with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Lookup Exploit with AttackerKB from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Check Host Block Status with Check Point Firewall from Microsoft Teams | 1.2.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Check Host Block Status with Palo Alto Firewall from Microsoft Teams | 1.2.1 | Update Microsoft Teams to version 3.1.0 |
Block Host with Palo Alto Firewall from Microsoft Teams | 1.2.1 | Update Microsoft Teams to version 3.1.0 |
Deploy Patch with HCL BigFix from Microsoft Teams | 2.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Check Host Block Status with Fortinet Firewall from Microsoft Teams | 1.2.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Revoke User Session in Azure AD from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Enrich URL with Urlscan.io from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Post Exchange Phishing Alerts to Microsoft Teams | 1.0.3 | Update Microsoft Teams to version 3.1.0 |
Post Office 365 Phishing Alerts to Microsoft Teams | 1.0.7 | Update Microsoft Teams to version 3.1.0 |
Geolocate IP Address with IPStack from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Enrich File Hash with VirusTotal from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Force Password Reset in Active Directory from Microsoft Teams | 1.1.1 | Update documentation |
Unshorten URL from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Block Sender in Office 365 from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Find and Delete Emails in Office 365 from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
Office 365 Enrichment | 1.1.0 | Workflow improvements |