FireEye Central Management (CM)
Version: 1.1
Updated: Jul 06, 2023
Centralized device and intelligence management to correlate data across attack vectors.
Actions
- Get Alert Info (Enrichment) - Query FireEye CM for alert details.
- Get ATI Details (Enrichment) - Query FireEye Advanced Threat Intelligence for intelligence data.
- Get Event Info (Enrichment) - Get information from previously generated event.
- Add Snort Rule (Containment) - Add a new Snort rule.
- Add YARA Rule (Containment) - Add a new YARA rule.
- Acknowledge Alert (Containment) - Notate previously generated alert.
Change Log
- June 21, 2019 - First upload
- July 6, 2023 (v1.1) - Updated the integration with Environmental Variables