Mandiant Advantage Threat intelligence
Version: 1.5
Updated: Jul 18, 2023
Mandiant Threat Intelligence is a comprehensive and powerful SaaS platform that provides organizations of all sizes with up-to-the-minute, relevant cyber threat intelligence so you can focus on and address the threats that matter now.
Actions
- Get Indicator By Value (Enrichment) - For given organization retrieves devices matching all filters, that are used in query.
- Search (Enrichment) - List organizations that belong to given organization (including itself, if type matches).
Mandiant Threat Intelligence configuration
- Log in to the Mandiant Threat Intelligence.
- On Threat Intelligence click Settings.
- Click on Get Key ID And Secret.
Mandiant Advantage Threat intelligence in Automation Service and Cloud SOAR
- Access integrations in the Automation Service or Cloud SOAR.
- After the list of the integrations appears, search/look for the integration and click on the row.
- The integration details will appear. Click on the **"+" **button to add new Resource.
- Populate all the required fields (*) and then click SAVE.
- Label. The name for the resource
- URL. The base API URL for WithSecure Elements. Default: 'https://api.intelligence.mandiant.com'.
- Public Key. The public key previously obtained.
- Private Key. The private key previously obtained.
- To make sure the resource is working, hover over the resource and then click the pencil icon that appears on the right.
- Click TEST SAVED SETTINGS.
- You should receive a successful notification in the bottom right corner.
Category
Threat Intelligence-Reputation
Change Log
- April 27, 2023 (v1.0) - First Upload
- July 18, 2023 (v1.5) - Removed leading/trailing spaces