Skip to main content
Introducing Polarity Intel Edition: Streamlining Intel Distribution for SecOps
Polarity Intel Edition
Request a Demo

Trellix

Trellix brings you a living XDR architecture that adapts at the speed of threat actors and delivers advanced cyber threat intelligence. We’re changing what security means and what it can do, giving your organization the confidence that comes with being secure.

Specialties

Products

Integrations

Trellix Helix

The integration with Trellix Helix is available as a runtime app as well as various Playbook Apps and Templates. With this Trellix Helix runtime app, ThreatConnect users are able to export indicators (addresses, hosts, email addresses, and files (MD5 & SHA1)) to Trellix Helix lists for alerting and detection. Indicators that no longer match the filter can be removed from Trellix automatically. With the Playbooks App and Templates, users are automatically able to:

  • Deploy Indicators
  • Remove Indicators

These apps can be found in the ThreatConnect App Catalog under the names: Trellix Helix.

Keep Reading
dark orange ThreatConnect TC logo

Built By ThreatConnect

Fireeye Detection on Demand

With this Playbook app, you can automatically detonate, analyze, and submit files and URLs in FireEye from ThreatConnect to understand if they are malicious and return any contextualized telemetry. This all leads to more informed decision-making and more efficient remediation of malicious files through automation.

The following actions are available within the Playbook App:

  • Get Report - Search by a Report ID to retrieve details based on the report.
  • Submit File for Analysis - Submit a file for analysis.
  • Submit URL for Analysis - Submit a URL for analysis.
  • Get File Enrichment - Retrieve details about an analysis by its MD5 Hash ID.
  • Get Artifacts - Retrieve artifacts from a report
  • Advanced Request - Create a custom API request to the FireEye Detection on Demand API

This app can be found in the ThreatConnect App Catalog under the name: FireEye Detection on Demand 

Keep Reading
dark orange ThreatConnect TC logo

Built By ThreatConnect

Playbooks

FireEye Helix Playbooks

With these Playbook templates, you can easily add or remove indicators to FireEye Helix from ThreatConnect.

These apps can be found in the THreatConnect App Catalog under the names: FireEye Helix Log Analytics - Deploy Indicators and FireEye Helix Log Analytics - Remove Indicators

Keep Reading
dark orange ThreatConnect TC logo

Built By ThreatConnect

Looking for an
integration not shown?