Skip to main content
Request a Demo

Cybereason

Cybereason is the champion for today’s cyber defenders with future-ready attack protection that extends from the endpoint, to the enterprise, to everywhere.

Integrations

Cybereason

With the Cybereason  integration, customers  have the ability to query both types of malops, isolate suspicious activities, and manage malops. Customers will be able to bring in details about each type of malop to perform further investigation. 

The following actions are available:

  • Add Indicator Reputation - Add a custom reputation based on a file hash value (MD5 or SHA1), IP Address, or domain name.
  • Create Malop Comment - Add a comment to a Malop.
  • Get Auto Hunt Malop - Retrieve details for an Auto Hunt Malop.
  • Get Endpoint Malop - Retrieve details for an Endpoint Protection Malop.
  • List Malops - Retrieve all Malops of every type from a specified time window.
  • Isolate Machine - Isolate a machine or machines involved in a specific Malop.
  • Remove Indicator Reputation - Remove a custom reputation based on a file hash value (MD5 or SHA1), IP Address, or domain name.
  • Unisolate Machine - Remove from isolation a machine or machines associated with a Malop.
  • Update Malop Status - Update a Malop's status.

This app can be found in the ThreatConnect App Catalog under the name: Cybereason

Keep Reading
dark orange ThreatConnect TC logo

Built By ThreatConnect

Cybereason with Polarity

The Polarity - Cybereason integration allows Polarity to search Cybereason's API to return threat information on IP's, Domains and File Hashes.

Check out the integration below:

Keep Reading

Related Resources

Built By Polarity

Looking for an
integration not shown?