Palo Alto Networks Cortex XSOAR now has access to The Total Internet Inventory™.
SecurityTrails’ 125,000 users can now integrate with the leading SOAR platform.
We’re excited to announce the immediate availability of our latest API integration into Palo Alto Networks Cortex XSOAR, enabling users to operationalize our security intelligence with over 750 different products.
Palo Alto Networks Cortex XSOAR is one of the most comprehensive security orchestration solutions on the market today, enabling organizations to manage and collect data about security threats and drive responses with reduced human involvement. These automated playbooks are an incredible time-saver for overworked security teams.
SecurityTrails’ real-time analysis of hostnames, associated domains, IP blocks, SSL certificates, WHOIS, DNS, and historical DNS provides unrivaled context to security investigations.
SecurityTrails XSOAR enrichments can support a wide variety of playbooks including phishing, log-in analysis, vulnerability management, IOC enrichment, and endpoint diagnostics.
How does it work?
In order to configure SecurityTrails on the Cortex XSOAR platform, you’ll need to follow these steps:
- Navigate to Marketplace
- Search for SecurityTrails
- Click “Install”
- Navigate to Settings > Integrations > Servers & Services
- Search for SecurityTrails
- Click “Add instance” to create and configure the new integration instance
- Configure the few required parameters:
  - API key: api.key.here
  - Trust any certificate (not secure): False
  - Use system proxy settings: False
  - Fetch indicators: False
- Click “Test” to check if the URLs, token, and connection are working as expected. If you see a “Success” message, then you’re ready to start playing with it.
- Jump into the playground, and start executing the SecurityTrails commands
- In the footer area, you’ll find a CLI where you can execute any supported SecurityTrails commands, as shown here:
The following is a list of supported commands that can be executed within Cortex XSOAR CLI, whether as part of an automation or in a playbook (once you execute a command, a DBot message will be displayed in the War Room showing the command details):
With this new SecurityTrails API integration for XSOAR, we are helping thousands of users access security data from our API in more ways, providing more clarity for security companies that need subdomain and domain data, DNS and WHOIS historical records, associated domains and IPs, company details, user-agent activity, and much more.
Access the SecurityTrails API integration for XSOAR today.