Palo Alto Networks Cortex Xsoar now has access to The Total Internet Inventory

Play

Note: The audio version doesn't include code or commands. Those parts of the post can be seen in the text version. Securitytrails 125,000 users can now integrate with the leading SOAR platform. We're excited to announce the immediate availability of our latest API integration into Palo Alto Networks Cortex XSOAR, enabling users to operationalize our security intelligence with over 750 different products. Palo Alto Networks Cortex XSOAR is one of the most comprehensive security orchestration solutions on the market today, enabling organizations to manage and collect data about security threats and drive responses with reduced human involvement. These automated playbooks are an incredible time-saver for overworked security teams. Securitytrails real-time analysis of hostnames, associated domains, IP blocks, SSL certificates, WHOIS, DNS, and historical DNS provides unrivaled context to security investigations. Securitytrails XSOAR enrichments can support a wide variety of playbooks including phishing, log-in analysis, vulnerability management, IOC enrichment, and endpoint diagnostics. How does it work? In order to configure Securitytrails on the Cortex XSOAR platform, you'll need to follow these steps: Navigate to Marketplace. Search for Securitytrails. Click "Install". Navigate to Settings > Integrations > Servers & Services. Search for Securitytrails. Click Add instance to create and configure the new integration instance. Few parameter configurations are required: API key: api.key.here. Trust any certificate (not secure): False. Use system proxy settings: False. Fetch indicators: False. Click Test to check if the URLs, token, and connection are working as expected. If you see a "Success" message, then you're ready to start playing with it. Jump into the playground, and start executing the Securitytrails commands. In the footer area, you'll find a CL-I where you can execute any supported Securitytrails commands, as shown here: Supported commands The following is a list of supported commands that can be executed within Cortex XSOAR CL-I, whether as part of an automation or in a playbook (once you execute a command, a DBot message will be displayed in the War Room showing the command details): With this new Securitytrails API integration for XSOAR, we are helping thousands of users access security data from our API in more alternative ways, providing more clarity for security companies to access subdomain and domain data, DNS and WHOIS historical records, associated domains and IPs, company details, user-agent activity, and much more. Access the Securitytrails API integration for XSOAR today.