Malwarebytes Nebula

Version: 1.2
Updated: March 7, 2024

Query data and execute actions on Malwarebytes Nebula cloud-hosted security platform.

Actions

• Create Exclusion (Containment) - Create Exclusion.
• Update Exclusion (Containment) - Update Exclusion by ID.
• Delete Exclusion (Containment) - Delete exclusion by ID.
• Get Exclusion (Enrichment) - Get exclusion by ID.
• List Exclusions (Enrichment) - Retrieve a list of exclusions.
• Create Policy (Containment) - Create policy.
• Update Policy (Containment) - Update policy.
• Delete Policy (Containment) - Delete policy by ID.
• Get Policy (Enrichment) - Get policy by ID.
• List Policies (Enrichment) - Retrieve a list of policies.
• Get Endpoint (Enrichment) - Retrieve a single ID by its universally unique identifier.
• Get Endpoint Status (Enrichment) - Get the status of an endpoint.
• Get Suspicious Activity (Enrichment) - Fetch suspicious activity of an endpoint.
• Remediate Activity (Containment) - Remediate suspicious activity of an endpoint.
• Nebula Events Daemon (Daemon) - Automatically retrieve events associated with your account.
• Issue Job (Containment) - Issue a job (scan endpoint, restart endpoint check for updates).
• Get Job Status (Enrichment) - Get details about an issued job by ID.
• Search Endpoints (Enrichment) - Search all endpoints or search either alias, host name of fully qualified host name.
• Check Job Status (Enrichment) - Check if job status is completed and return details.
• List Vulnerabilities (Enrichment) - Search CVE grouped by a specific field.
• List Detections (Enrichment) - Search detections.

Category

Threat Intelligence Reputation

Change Log

• May 31, 2021 - First upload
• June 17, 2021 - New actions
  • Issue Job
  • Get Job Status
• May 25, 2022 - New action
  • Search Endpoints
• December 2, 2022 - New action
  • Check Job Status
• July 11, 2023 (v1.1) - Updated the integration with Environmental Variables
• March 7, 2024 (v1.2) - New actions
  • List Vulnerabilities
  • List Detections