Files

Some files could not be loaded.
Packs
- 3CXDesktopApp_Supply_Chain_Attack
- AHA
- AMP
- ANYRUN
- APIVoid
- ARIAPacketIntelligence
- AWS-ACM
- AWS-AccessAnalyzer
- AWS-Athena
- AWS-CloudTrail
- AWS-CloudWatchLogs
- AWS-EC2
- AWS-EKS
- AWS-Enrichment-Remediation
- AWS-GuardDuty
  - Classifiers
  - IncidentFields
  - IncidentTypes
  - Integrations
  - Layouts
  - ModelingRules
  - ParsingRules/AWS-GuardDuty
  - ReleaseNotes
  - .pack-ignore
  - .secrets-ignore
  - README.md
  - pack_metadata.json
- AWS-IAM
- AWS-IAMIdentityCenter
- AWS-ILM
- AWS-Lambda
- AWS-NetworkFirewall
- AWS-Organizations
- AWS-Route53
- AWS-S3
- AWS-SNS-Listener
- AWS-SNS
- AWS-SQS
- AWS-SecurityHub
- AWS-SecurityLake
- AWS_DynamoDB
- AWS_ELB
- AWS_Sagemaker
- AWS_SystemManager
- AWS_WAF
- AbnormalSecurity
- Absolute
- AbuseDB
- AcalvioShadowplex
- AccentureCTI
- AccentureCTI_Feed
- AccessInvestigation
- Accessdata
- ActiveMQ
- Active_Directory_Query
- Aella_StarLight
- AgariPhishingDefense
- Akamai_SIEM
- Akamai_WAF
- Alexa
- Algosec
- AlibabaActionTrail
- AlienVault_OTX
- AlienVault_USM_Anywhere
- AlphaSOC_Network_Behavior_Analytics
- AlphaSOC_Wisdom
- AlphaVantage
- Anomali_Enterprise
- Anomali_ThreatStream
- AnsibleAlibabaCloud
- AnsibleAzure
- AnsibleCiscoIOS
- AnsibleCiscoNXOS
- AnsibleHetznerCloud
- AnsibleKubernetes
- AnsibleLinux
- AnsibleMicrosoftWindows
- AnsibleTower
- AnsibleVMware
- Ansible_Powered_Integrations
- AnythingLLM
- ApacheTomcat
- ApacheWebServer
- ApiModules
- AppNovi
- AppendIfNotEmpty
- AquatoneDiscover
- ArcSightESM
- ArcSightLogger
- ArcSightXML
- Arcanna
- ArcherRSA
- ArcusTeam
- Arduino
- AristaSwitch
- Arkime
- Armis
- Armorblox
- ArrayToCSV
- AsanaConnect
- Asset
- Ataya
- AtlassianConfluenceCloud
- AtlassianJiraServiceManagement
- AttachmentsPreProcessing
- AttackIQFireDrill
- AttivoBotsink
- Attlasian
- Auditd
- AutoFocus
- Automox
- AvayaAuraCommunicationManager
- AwakeSecurity
- Aws-SecretsManager
- Axonius
- Azure-Enrichment-Remediation
- AzureActiveDirectory
- AzureAppService
- AzureCompute
- AzureDataExplorer
- AzureDevOps
- AzureEventsHub
- AzureFirewall
- AzureKeyVault
- AzureKubernetesServices
- AzureLogAnalytics
- AzureNetworkSecurityGroups
- AzureResourceGraph
- AzureRiskyUsers
- AzureSQLManagement
- AzureSecurityCenter
- AzureSentinel
- AzureStorage
- AzureStorageContainer
- AzureStorageFileShare
- AzureStorageQueue
- AzureStorageTable
- AzureWAF
- BMCDiscovery
- BPA
- Barracuda
- BarracudaEmailProtection
- BarracudaWAF
- Barracuda_Cloudgen_Firewall
- Base
- BastilleNetworks
- BatchData
- BeyondTrust-AuthorizationRequests
- BeyondTrustPrivilegedRemoteAccess
- BeyondTrustRemoteSupport
- BeyondTrust_Password_Safe
- BigFix
- Binalyze
- BitDam
- BitSight
- Bitbucket
- BitcoinAbuse
- BitwardenPasswordManager
- Blockade.io
- BloodHoundEnterprise
- BluecatAddressManager
- Blueliv
- BluelivThreatCompass
- BluelivThreatContext
- BmcHelixRemedyForce
- BmcITSM
- Bonusly
- Box
- Brandefense
- BreachNotification-US
- BreachRx
- BrocadeSwitch
- BruteForce
- C2sec
- CIRCL
- CIRCLHashlookup
- CSCDomainManager
- CTF02
- CTIX
- CTM360-CyberBlindspot
- CVESearch
- CVE_2021_40444
- CVE_2021_44228
- CVE_2022_26134
- CVE_2022_30190
- CVE_2022_3786_and_CVE_2022_3602_-_OpenSSL_X.509_Buffer_Overflows
- CVE_2022_41040_and_CVE_2022_41082_-_ProxyNotShell
- CVE_2023_23397_-_Microsoft_Outlook_EoP
- CVE_2023_34362_-_MOVEit_SQLI
- CVE_2023_36884_-_Microsoft_Office_and_Windows_RCE
- CVE_2024_47575
- CVE_2024_6387_-_OpenSSH_RCE_RegreSSHion
- CVSS
- CadoResponse
- Camlytics
- Campaign
- CarbonBlackCommonFields
- CarbonBlackDefense
- CarbonBlackEnterpriseEDR
- CarbonBlackProtect
- Carbon_Black_Enterprise_Live_Response
- Carbon_Black_Enterprise_Response
- CaseManagement-Generic
- Celonis
- Censys
- Centreon
- CentrifyVault
- CertStream
- Change_Management
- CheckPhish
- CheckPointDome9
- CheckPointHEC
- CheckPointHarmonyEndpoint
- CheckPointNDR
- CheckPointSandBlast
- CheckpointFirewall
- Cherwell
- CimTrak-SystemIntegrityAssurance
- CircleCI
- Cisco-umbrella-cloud-security
- Cisco-umbrella-enforcement
- Cisco-umbrella
- CiscoAMP
- CiscoASA
- CiscoASR
- CiscoCatalyst
- CiscoESAIronPortEmailAPI
- CiscoEmailSecurity
- CiscoFirepower
- CiscoISR
- CiscoNexus
- CiscoSMA
- CiscoSpark
- CiscoStealthwatch
- CiscoThousandEyes
- CiscoUmbrellaReporting
- CiscoWSA
- CiscoWebExFeed
- Cisco_Wireless_LAN_Controller
- CitrixADC
- Clarizen
- Claroty
- ClarotyXDome
- ClearswiftDLP
- ClickSend
- CloakedUrsaPhishingCampaign
- Cloaken
- CloudConvert
- CloudIDS
- CloudIncidentResponse
- CloudLock
- CloudShare
- CloudShark
- CloudflareWAF
- CloudflareZeroTrust
- Code42
- Cofense-Intelligence
- CofenseIntelligenceV2
- CofenseTriage
- CofenseVision
- Cognni
- CohesityHelios
- CommonDashboards
- CommonPlaybooks
- CommonReports
- CommonScripts
- CommonTypes
- CommonWidgets
- CommunityCommonDashboards
- CommunityCommonScripts
- CommvaultSecurityIQ
- Compliance
- ComputerVisionEngine
- ConcentricAI
- Confluence
- Confluera
- ContentInstallation
- ContentManagement
- ContentTesting
- ConvertTimezoneFromUTC
- Coralogix
- Core
- CoreAlertFields
- CorelightZeek
- Cortex911
- CortexAttackSurfaceManagement
- CortexDataLake
- CortexResponseAndRemediation
- CortexVulnerabilityManagement
- CortexXDR
- CortexXpanse
- CounterCraft
- CounterTack
- CovalenceForSecurityProviders
- CovalenceManagedSecurity
- CreateEDLInstance
- CreateHash
- CreatePlbkDoc
- CrisisManagement
- CrowdSec
- CrowdStrikeFalcon
- CrowdStrikeFalconSandbox
- CrowdStrikeFalconStreamingV2
- CrowdStrikeFalconX
- CrowdStrikeHost
- CrowdStrikeIntel
- CrowdStrikeMalquery
- CrowdStrikeOpenAPI
- Cryptocurrency
- Cryptosim
- CuckooSandbox
- CyCognito
- CybelAngel
- CyberArkEPM
- CyberArkEPV
- CyberArkIdentity
- CyberArkPAS
- CyberArk_Privileged_Threat_Analytics
- CyberChef
- CyberTotal
- CyberTriage
- CyberX-CentralManager
- Cybereason
- Cyberint
- Cyberpion
- Cybersixgill-ActionableAlerts
- Cybersixgill-DVE
- Cyberwatch
- CybleEvents
- CybleEventsV2
- CybleThreatIntel
- Cylance_Protect
- Cymptom
- Cymulate
- CyrenInboxSecurity
- D2
- DB2
- DBotTruthBombs
- DNSDB
- DNSOverHttps
- DSPM
- Darktrace
- DarktraceASM
- DataBee
- DatadogCloudSIEM
- DataminrPulse
- DateTimeToADTime
- DeCYFIR
- DeHashed
- DeduplicateValuesbyKey
- DeepInstinct
- DeepL
- DefaultPlaybook
- DelineaALM
- DelineaDSV
- DelineaSS
- DellEMCUnity
- DemistoLocking
- DemistoRESTAPI
- DeprecatedContent
- DevSecOps
- DeveloperTools
- Devo
- Dig
- DigitalGuardian
- DigitalShadows
- Digital_Defense_FrontlineVM
- Discord
- DomainTools
- DomainToolsIrisDetect
- DomainTools_Iris
- DragosWorldview
- Dragos_Platform
- Drift
- Dropbox
- Druva
- DuoAdminApi
- DuoAuth
- DynamicSectionReports
- EDL
- EDLMonitor
- EWS
- EWSMailSender
- EasyVista
- EclecticIQ
- Edgescan
- Elasticsearch
- ElasticsearchMonitoring
- EmailCommunication
- EmailHippo
- EmailRepIO
- EmployeeOffboarding
- Endace
- Endgame
- Envoy
- Exabeam
- ExabeamDataLake
- ExabeamSecurityOperationsPlatform
- ExceedLMS
- Exchange2016_Compliance
- ExifRead
- ExodusIntelligence
- Expanse
- ExpanseV2
- ExportIndicators
- ExportToXLSX
- ExtFilter
- Exterro
- ExtraHop
- F5
- F5APM
- F5ASM
- F5BigIPAWAF
- F5LTM
- F5Silverline
- FTP
- FeedAWS
- FeedAlienVault
- FeedAzure
- FeedAzureADConnectHealth
- FeedBambenekConsulting
- FeedBlocklist_de
- FeedBruteForceBlocker
- FeedCSV
- FeedCloudflare
- FeedCofense
- FeedCognyteLuminar
- FeedCrowdstrikeFalconIntel
- FeedCyCognito
- FeedCyjax
- FeedCyrenThreatInDepth
- FeedDHS
- FeedDShield
- FeedDomainTools
- FeedElasticsearch
- FeedFastly
- FeedFeedly
- FeedFeodoTracker
- FeedFireEye
- FeedGCPWhitelist
- FeedGitHub
- FeedGreyNoiseIndicator
- FeedIntel471
- FeedJSON
- FeedLOLBAS
- FeedMISP
- FeedMISPThreatActors
- FeedMajesticMillion
- FeedMalwareBazaar
- FeedMalwareDomainList
- FeedMandiant
- FeedMicrosoftIntune
- FeedMitreAttack
- FeedMitreAttackv2
- FeedNVDv2
- FeedORKL
- FeedOffice365
- FeedOpenCTI
- FeedPlainText
- FeedProofpoint
- FeedPublicDNS
- FeedRSS
- FeedRecordedFuture
- FeedReversingLabsRansomwareAndRelatedToolsApp
- FeedSOCRadarThreatFeed
- FeedSpamhaus
- FeedTAXII
- FeedTalos
- FeedThreatConnect
- FeedThreatFox
- FeedThreatVault
- FeedTorExitAddresses
- FeedURLhaus
- FeedUnit42
- FeedUnit42v2
- FeedZeroDayLiveTIFusion
- FeedZoom
- Feedsslabusech
- FetchIndicatorsFromFile
- FidelisElevateNetwork
- FidelisEndpoint
- FileOrbis
- FiltersAndTransformers
- FireEye-Detection-on-Demand
- FireEyeCM
- FireEyeCommonFields
- FireEyeETP
- FireEyeEX
- FireEyeHX
- FireEyeHelix
- FireEyeNX
- FireMonSecurityManager
- Flashpoint
- FlashpointFeed
- Forcepoint
- ForcepointDLP
- ForcepointEmailSecurity
- ForcepointSWG
- ForcepointSecurityManagementCenter
- Forescout
- ForescoutEyeInspect
- Fortanix-DSM
- FortiAuthenticator
- FortiGate
- FortiManager
- FortiSIEM
- FortiSandbox
- Fortimail
- FortinetFortiwebVM
- ForwardXSOARAuditLogsToSplunkHEC
- FraudWatch
- FreeEnrichers
- FreeFeeds
- FreshDesk
- FreshworksFreshservice
- FullHunt
- GCP-Enrichment-Remediation
- GCP-IAM
- GDPR
- GLIMPS_Detect
- GLPI
- GRR
- GSuiteAdmin
- GSuiteSecurityAlertCenter
- GZip
- Gamma
- Gatewatcher-AionIQ
- Gatewatcher-LIS
- Gem
- GenerateAsBuilt
- GenericAPIEventCollector
- GenericSQL
- GenericWebhook
- GenericWebhook_FormData
- GenetecSecurityCenter
- Genians
- GetFields
- GetLicenseID
- GetServerURL
- GettingStartedWithXSOAR
- GigamonThreatINSIGHT
- Giphy
- GitGuardian
- GitHub
- GitLab
- GithubMaltrailFeed
- Gmail
- GmailSingleUser
- GoogleApigee
- GoogleBigQuery
- GoogleCalendar
- GoogleChatViaWebhook
- GoogleChrome
- GoogleChronicleBackstory
- GoogleCloudCompute
- GoogleCloudFunctions
- GoogleCloudLogging
- GoogleCloudSCC
- GoogleCloudStorage
- GoogleCloudTranslate
- GoogleDocs
- GoogleDorking
- GoogleDrive
- GoogleKeyManagementService
- GoogleKubernetesEngine
- GoogleMaps
- GooglePubSub
- GoogleResourceManager
- GoogleSafeBrowsing
- GoogleSheets
- GoogleThreatIntelligence
- GoogleVault
- GoogleVertexAI
- GoogleVisionAPI
- Gophish
- Grafana
- GraphQL
- Graylog
- GreatHorn
- GreyNoise
- GroupIB_ThreatIntelligenceAttribution
- GsuiteAuditor
- GuardiCore
- Guidance_Encase_Endpoint
- Gurucul
- HIPAA-BreachNotification
- HPEArubaCentral
- HPEArubaClearPass
- HPESwitch
- HPE_Service_Manager
- HYASInsight
- HYASProtect
- HackerOne
- Hackuity
- HarfangLabEDR
- HashiCorp-Vault
- HashiCorpTerraform
- HatchingTriage
- HealthCheck
- HelloIAMWorld
- HelloWorld
- Hey
- HostIo
- Hoxhunt
- HuaweiNetworkDevices
- Hudsonrock
- Humio
- Hunting
- HybridAnalysis
- IAM-SCIM
- IBMGuardium
- IBMMaaS360Security
- IBMResilientSystems
- IBMSecurityVerify
- IBM_AIX
- ICEBRG
- ILert
- IP-API
- IP2LocationIO
- IPQualityScore
- IRISDFIR
- Iboss
- Identity
- IdentityRecordedFuture
- Illumio
- IllusiveNetworks
- ImageOCR
- Impartner
- Imperva_Skyfence
- Imperva_WAF
- ImpossibleTraveler
- Incapsula
- Indeni
- Infinipoint
- InfoArmor_VigilanteATI
- Infoblox
- InfobloxBloxOne
- Infocyte
- IntSight
- IntegrationsAndIncidentsHealthCheck
- Intezer
- Inventa
- InvertEveryTwoItems
- Ipstack
- IronDefense
- IronPort
- Ironscales
- IronscalesEventCollector
- IsArrayItemInList
- IsItPhishing
- IvantiConnectSecure
- IvantiCriticalVulnerabilities
- IvantiHeat
- IvantiPulseSecureVTM
- JARM
- JSONSampleIncidentGenerator
- JWT
- Ja3er
- JamfProtect
- Jask
- Jira
- Jizo_M
- JoeSecurity
- Jq
- JsonUnescape
- JsonWhoIs
- JuniperSRX
- KELARaDark
- Kafka
- KasperskySecurityCenter
- KeeperSecretsManager
- KeeperSecurity
- Kenna
- Keyfactor
- Kiteworks
- KnowBe4KMSAT
- KnowBe4_KMSAT
- Koodous
- Kubernetes
- LINENotify
- LSASSCredentialDumping
- Lacework
- Lansweeper
- Lastline
- Linkshadow
- LinuxEventsCollection
- LogPoint_SIEM_Integration
- LogRhythm
- LogRhythmRest
- LogsignSiem
- Logzio
- Lokpath_Keylight
- Looker
- Lost_Stolen_Device
- Luminate
- Lumu
- MISP
- MITRECoA
- ML
- MS-ISAC
- MacOS
- MacVendors
- MailListener
- MailListener_-_POP3
- MailSenderNew
- MajorBreachesInvestigationandResponse
- Maltiverse
- Malware
- MalwareBazaar
- MalwareInvestigationAndResponse
- Malwarebytes
- MalwationAIMA
- Malwr
- ManageEngine-ADAudit
- ManageEngine-ADManager
- ManageEngine-ADSelfServicePlus
- ManageEngine_PAM360
- MandiantAdvantageAttackSurfaceManagement
- MandiantAdvantageThreatIntelligence
- Mantis
- MapPattern
- MapRegex
- MarkdownToHTML
- Mattermost
- MaxList
- MaxMind_GeoIP2
- McAfee-MAR
- McAfee-TIE
- McAfeeDatabaseSecurity
- McAfeeNSM
- McAfeeWebGateway
- McAfee_Advanced_Threat_Defense
- McAfee_DXL
- McAfee_ESM-v10
- McAfee_ESM
- MergeDictArray
- MicroFocusSMAX
- Microsoft365Defender
- MicrosoftADFS
- MicrosoftAdvancedThreatAnalytics
- MicrosoftCloudAppSecurity
- MicrosoftCore
- MicrosoftDHCP
- MicrosoftDNS
- MicrosoftDefenderAdvancedThreatProtection
- MicrosoftDefenderforIdentity
- MicrosoftECM
- MicrosoftEntraID
- MicrosoftExchangeOnPremise
- MicrosoftExchangeOnline
- MicrosoftExchangeServer
- MicrosoftGraphAPI
- MicrosoftGraphApplications
- MicrosoftGraphCalendar
- MicrosoftGraphDeviceManagement
- MicrosoftGraphFiles
- MicrosoftGraphGroups
- MicrosoftGraphIdentityandAccess
- MicrosoftGraphListener
- MicrosoftGraphMail
- MicrosoftGraphSearch
- MicrosoftGraphSecurity
- MicrosoftGraphTeams
- MicrosoftGraphUser
- MicrosoftIISWebServer
- MicrosoftIntune
- MicrosoftManagementActivity
- MicrosoftNPS
- MicrosoftPolicyAndCompliance
- MicrosoftTeams
- MicrosoftWSUS
- MicrosoftWindowsAMSI
- MicrosoftWindowsEvents
- MicrosoftWindowsSysmon
- Mimecast
- MinList
- MinervaLabsAntiEvasionPlatform
- MitreCaldera
- MobileIronUEM
- ModulesManagement
- Moloch
- MongoDB
- MongoDBAtlas
- MultiTenantPerformance
- MxToolBox
- MySQLEnterprise
- NCSCCyberAsssessmentFramework
- NGFWTSAgentDeployment
- NGINXWebServer
- NIST
- NTT_Cyber_Threat_Sensor
- NationalVulnerabilityDatabaseFeed
- Ncurion
- Neosec
- NetBox
- NetCalc
- NetQuestOMX
- Netcraft
- Netcraft_V2
- Netmiko
- NetscoutAED
- NetscoutArborSightline
- Netskope
- NetskopeV2
- Nexthink
- NistNVD
- Nmap
- NonSupported
- NozomiNetworks
- NucleonCyber
- NutanixHypervisor
- OPNSense
- OPSWAT-Filescan
- OPSWAT-MetaDefender-Sandbox
- OSQuery
- OSXCollector
- OTRS
- OTSecurity
- OctoxLabs
- Office365
- Office365AndAzureAuditLog
- Okta
- OktaASA
- OktaAuth0
- OktaOAG
- Oletools
- Ollama
- OnboardingIntegration
- OneLogin
- OnePassword
- OnemodelDev
- OpenAI
- OpenCTI
- OpenCVE
- OpenLDAP
- OpenPhish
- OpenSourceVulnerabilities
- OpsGenie
- Opsgeniev2
- Oracle
- OracleCloudInfrastructure
- OracleCloudInfrastructureFeed
- Oracle_IAM
- Orca
- PAN-OS
- PANOSPolicyOptimizer
- PANOStoCDLMonitoring
- PANWComprehensiveInvestigation
- PATHelpdeskAdvanced
- PHash
- PICUS
- PacketMail
- Packetsled
- PagerDuty
- PaloAltoNetworksAIOps
- PaloAltoNetworksAutomaticSLR_Community
- PaloAltoNetworksPQCHunting_Community
- PaloAltoNetworks_IoT
- PaloAltoNetworks_IoT3rdParty
- PaloAltoNetworks_PAN_OS_EDL_Management
- PaloAltoNetworks_SecurityAdvisories
- PaloAltoNetworks_Threat_Vault
- Palo_Alto_Networks_Enterprise_DLP
- Palo_Alto_Networks_WildFire
- ParseHTMLTables
- ParseYAML
- PassiveTotal
- PasswordResetViaChatbot
- PcapAnalysis
- Pcysys
- PenfieldAI
- PerceptionPoint
- Perch
- PerimeterX
- PhishAI
- PhishLabs
- PhishTank
- PhishUp
- Phishing
- PhishingAlerts
- PhishingURL
- PiHole
- PicusAutomation
- PicusNGAutomation
- PingCastle
- PingIdentity
- Pipl
- PolarSecurity
- PolySwarm
- Polygon
- PopularCybersecurityNews
- PortScan
- Portnox
- PostmarkSpamcheck
- PowerShellUtilities
- PowershellPayloadResponse
- PowershellRemoting
- Preempt
- PrismaAccess
- PrismaCloud
- PrismaCloudCompute
- PrismaCloudComputeReporting
- PrismaSaasSecurity
- ProactiveThreatHunting
- ProofpointCasb
- ProofpointEmailSecurity
- ProofpointIsolation
- ProofpointObserveIT
- ProofpointServerProtection
- ProofpointTAP
- ProofpointThreatProtection
- ProofpointThreatResponse
- ProtectWise
- PublishList
- Pulsedive
- Pwned
- QRCodeReader
- QRadar
- QSS
- Qintel
- QualysFIM
- QueryAI
- QuestKace
- QutteraWebsiteMalwareScanner
- RDPCacheHunting
- RSANetWitnessEndpoint
- RSANetWitness_v11_1
- RSASecureID
- RSS
- RSTCloud
- RTIR
- RadwareCloudServices
- RandomElementFromList
- RandomImages_VideosAndAudio
- Ransomware
- Rapid7AppSec
- Rapid7InsightVMCloud
- Rapid7_InsightIDR
- Rapid7_Nexpose
- Reco
- RecordedFuture
- RecordedFutureASI
- Recorded_Future
- RedCanary
- Redact_DefangIndicators_URLs_IPs_Email
- Redmine
- RegexExpand
- RegexReplace
- Remedy-On-Demand
- Remedy_AR
- RemoteAccess
- RemoveEmpty
- RemoveEmptyEvidence
- ReplaceMatchGroup
- Resecurity
- Respond
- RetarusSecureEmailGateway
- RetrievePlaybooksAndIntegrations
- ReversingLabs_A1000
- ReversingLabs_TitaniumScale
- ReversingLabs_Titanium_Cloud
- RiskIQDigitalFootprint
- RiskSense
- RoksitDNSSecurity
- RsaNetWitnessPacketsAndLogs
- RsaNetwitnessSecurityAnalytics
- RubrikPolaris
- RunZero
- Rundeck
- SANS
- SAP_IAM
- SCADAfence_CNM
- SEKOIAIntelligenceCenter
- SMB
- SMIME_Messaging
- SNDBOX
- SOCRadar
- SSLCertificates
- SSLLabs
- SSLVerifier
- SafeBreach
- SafeNet_Trusted_Access
- Safewalk
- SailPointIdentityIQ
- SailPointIdentityNow
- Salesforce
- SalesforceFusion
- SalesforceIndicators
- SalesforceV2
- SandBlastAppliance
- Sandblast
- ScheduleTaskAndPoll
- ScreenshotMachine
- SecBI
- SecneurXAnalysis
- SecneurXThreatFeeds
- SecureAuthIdentityPlatform
- SecureWorks
- SecurityAdvisor
- SecurityIntelligenceServicesFeed
- SecurityScorecard
- SecurityTrails
- Securonix
- SekoiaXDR
- SemperisDSP
- SendGrid
- SentinelOne
- Sepio
- ServerLogs
- ServiceDeskPlus
- ServiceDeskPlus_On_Premise
- ServiceNow
- 232 entries not shown

AWS-GuardDuty

Failed to load latest commit information.

Cannot retrieve latest commit at this time.

Name		Name	Last commit message	Last commit date
parent directory ..
Classifiers		Classifiers
IncidentFields		IncidentFields
IncidentTypes		IncidentTypes
Integrations		Integrations
Layouts		Layouts
ModelingRules		ModelingRules
ParsingRules/AWS-GuardDuty		ParsingRules/AWS-GuardDuty
ReleaseNotes		ReleaseNotes
.pack-ignore		.pack-ignore
.secrets-ignore		.secrets-ignore
README.md		README.md
pack_metadata.json		pack_metadata.json

README.md

Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3.

What does this pack do

This integration enables you to:

Create an AWS GuardDuty detector on the integration instance specified AWS account.
Retrieve, update, or delete Amazon GuardDuty detectors.
Create, retrieve, update, or delete a list of IP addresses that are trusted for secure communication with AWS infrastructure and applications.
Create, retrieve, or delete a set of known malicious IP addresses.
Retrieve lists or descriptions of Amazon GuardDuty findings (a potential security issue detected within your network).
Archive Amazon GuardDuty findings.
Retrieve a description of the Amazon GuardDuty members.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Sign in to GitHub

Files

AWS-GuardDuty

AWS-GuardDuty

README.md

What does this pack do

Files

AWS-GuardDuty

Directory actions

More options

Directory actions

More options

Latest commit

History

AWS-GuardDuty

Folders and files

parent directory

README.md

What does this pack do