Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
This playbook fetches IP reputation and/or malware URL threat intelligence indicators from the Cyren CCF API feed and creates corresponding IOC indicators in SentinelOne for automated threat detection and response. Customers can provide one or both Cyren feed tokens.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | Cyren-SentinelOne-ThreatIntelligence |
| Source | View on GitHub |
This playbook uses 1 Logic App connector / built-in action:
| Connector / Action | Type | Connections | Actions |
|---|---|---|---|
http |
Built-in | 0 | 6 |
http (Built-in)| Action | Method | Endpoint | Other |
|---|---|---|---|
| List_STAR_Rules | GET | @{parameters('SentinelOne_BaseUrl')}/web/api/v2.1/cloud-detection/rules?accountIds=@{parameters('SentinelOne_AccountId')} |
— |
| Create_STAR_Rule | POST | @{parameters('SentinelOne_BaseUrl')}/web/api/v2.1/cloud-detection/rules |
— |
| Get_IpRep_Feed_Page | GET | @{outputs('Build_IpRep_Api_Url')} |
— |
| Post_IpRep_IOC_to_SentinelOne | POST | @{parameters('SentinelOne_BaseUrl')}/web/api/v2.1/threat-intelligence/iocs |
— |
| Get_MalwareUrl_Feed_Page | GET | @{outputs('Build_MalwareUrl_Api_Url')} |
— |
| Post_MalwareUrl_IOC_to_SentinelOne | POST | @{parameters('SentinelOne_BaseUrl')}/web/api/v2.1/threat-intelligence/iocs |
— |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
↑ Back to Playbooks · Back to Cyren-SentinelOne-ThreatIntelligence