Get malicious file report: vt-private-get-file-report Get a domain report: vt-private-get-domain-report Get file dynamic behavioral report: vt-private-check-file-behaviour After you successfully execute a command, a DBot message appears in the War Room with the command details. You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. IfĪrguments in the command determines how results are returned. : Determines whether to return all results, which can number in the thousands. : The minimum number of highly trusted vendors required to consider a domain IP, URL, or file as malicious. : A CSV list of vendors that are considered trustworthy.
If the number of positive results from the VT scanners is bigger than the threshold, the domain is considered malicious. If the number of positive results from the VT scanners exceeds the threshold, the URL is considered malicious. If the number of positive results from the VT scanners exceeds the threshold, the IP address is considered malicious. If the number of positive results from the VT scanners exceeds the threshold, the file will be considered malicious. : a textual name for the integration instance To create and configure a new integration instance. Investigate activity of recognized malware.Ĭonfigure Virus Total - Private API on Cortex XSOAR
Get extensive reports on interactions between files, domains, URLs, IP addresses, and hashes. This integration was integrated and tested with Virus Total API v2.0. Use the Virus Total - Private API integration to investigate suspicious files, domains, URLs, IP addresses, and hashes.
0 kommentar(er)
