Detection On Demand App for Splunk Phantom

Analyze any file, object or URL with FireEye in your Splunk Phantom playbooks, regardless of where that alert was generated. FireEye compares your submission to the latest known tactics and signatures of threat actors using static analysis, artificial intelligence and machine learning. FireEye also determines the possibility of secondary or combinatory effects across multiple phases of the attack lifecycle to discover never-before-seen exploits and malware. Our new app can help you:

  • Validate Alerts: Validate alerts from security tools against FireEye Detection On Demand to reduce false positives and to help teams focus on top threats.
  • Check Websites: Investigate suspicious websites being viewed in an organization for malicious behavior.
  • Threat Hunting: Get detailed reports on malicious files and websites to better understand what they do and how they work, which can help stop threats from spreading and prevent them from reoccurring in the future.

Authentication Required

This app requires a FireEye subscription to use, and the download is only accessible to FireEye users with an active FireEye Support account. If you already have an account, please log in. Otherwise, please Request Support Access or Contact Sales to learn more about becoming a FireEye customer.

Support

Developer: FireEye
Supported By: FireEye
Contact: Email
Resources: Get your Detection On Demand API Key (free 30-day trial) on AWS Marketplace

Extension Info

Version: 1.0.0
Requirements: Detection On Demand API Key
Size: 1.21 MB
MD5: a8d6005b2b2f8ea388c67f0733c49cb1
SHA1: 0ad1a12409a51ef39c53e911447caa2ff1c20dbe
SHA256: 5d50b104809525721c2bc4cce911b5b007f7e714e13dd3222e2fc5b37281ec3d