Posted
ThreatConnect and OPSWAT have delivered a new Playbook for joint customers. This Playbook App will allow you to submit Files for sandbox analysis and retrieve analysis results. In addition to sandboxing, the app lets users retrieve enrichment information for Address, Host, URL, and File IOCs.
The following capabilities are available:
- Automated Malware Sandboxing
- As part of a security process, you can automatically send malware to your sandbox. Once sandboxed, you’ll get outputs in the form of file hashes. You can then use these outputs to inform detection and remediation processes in the rest of your security stack.
- Enrichment
- As part of an investigation, you may come across a familiar file hash and want to see if you’ve seen it and sandboxed it before. You can use ThreatConnect to query OPSWAT MetaDefender Cloud and retrieve this information as part of an enrichment process during a case or investigation.
The following actions are available:
- Analyze File
- Get File Enrichment
- Get Address Enrichment
- Get Host Enrichment
- Get URL Enrichment
- Get File Analysis Results
- Advanced Request
Together, ThreatConnect and OPSWAT help you to automate remediation tasks and protect your network from sophisticated attacks. If you’re a ThreatConnect customer, please reach out to your dedicated Customer Success Team for more information on how to get the most out of the OPSWAT MetaDefender Cloud Playbook app. If you’re not yet a customer and are interested in ThreatConnect and this integration, contact us at sales@threatconnect.com.