Detection On Demand App for Splunk Phantom
Analyze any file, object or URL with FireEye in your Splunk Phantom playbooks, regardless of where that alert was generated. FireEye compares your submission to the latest known tactics and signatures of threat actors using static analysis, artificial intelligence and machine learning. FireEye also determines the possibility of secondary or combinatory effects across multiple phases of the attack lifecycle to discover never-before-seen exploits and malware. Our new app can help you:
- Validate Alerts - Validate alerts from security tools against FireEye Detection On Demand to reduce false positives and to help teams focus on top threats.
- Check websites – Investigate suspicious websites being viewed in an organization for malicious behavior.
- Threat Hunting: Get detailed reports on malicious files and websites to better understand what they do and how they work, which can help stop threats from spreading and prevent them from reoccurring in the future.
Downloading this app requires a FireEye subscription to use and is only accessible for FireEye users with an active FireEye Support account. If you already have an account, please . Otherwise, please Request Support Access or Contact Sales to learn more about becoming a FireEye customer.
Support
| Developer: | FireEye |
| Supported By: | FireEye |
| Contact: | |
| Resources: | Splunk Phantom/DOD Configuration Guide |
| Get your Detection On Demand API Key (free 30-day trial) on AWS Marketplace |
Extension Info
| Version: | 1.0.0 |
| Requirements: | Detection On Demand API Key |
| Size: | 1.21 MB |
| MD5: | a8d6005b2b2f8ea388c67f0733c49cb1 |
| SHA1: | 0ad1a12409a51ef39c53e911447caa2ff1c20dbe |
| SHA256: | 5d50b104809525721c2bc4cce911b5b007f7e714e13dd3222e2fc5b37281ec3d |