Integrations List

Vendor Application Action
AbuseIPDB AbuseIPDB GET IP REPUTATION
AlienVault AlienVault GET IP OTX INFO
AlienVault AlienVault GET DOMAIN OTX INFO
AlienVault AlienVault GET HOSTNAME OTX INFO
AlienVault AlienVault GET URL OTX INFO
AlienVault AlienVault GET HASH OTX INFO
AlienVault AlienVault GET PULSES
AlienVault USM Anywhere GET ALARMS
AlienVault USM Anywhere ADD LABEL
AlienVault USM Anywhere REMOVE LABEL
AlienVault USM Anywhere CHANGE STATUS
Amazon AWS EC2 START EC2 INSTANCE
Amazon AWS EC2 STOP EC2 INSTANCE
Amazon AWS EC2 TERMINATE EC2 INSTANCE
Amazon AWS EC2 GET INSTANCE INFO
Amazon AWS EC2 GET INSTANCE WARNINGS
Amazon AWS EC2 CREATE SNAPSHOT
Amazon AWS EC2 GET EC2 SECURITY GROUP DETAILS
AnyRun Any.Run GET FILE REPORT
AnyRun Any.Run GET URL REPORT
API Void API Void VERIFY EMAIL DOMAIN
API Void API Void GET DOMAIN SSL INFO
API Void API Void GET DOMAIN DNS LOOKUP
API Void API Void GET DOMAIN AGE LOOKUP
API Void API Void GET DOMAIN REPUTATION
API Void API Void GET IP REPUTATION
API Void API Void CHECK DOMAIN FOR THREATS
API Void API Void TAKE SCREENSHOT OF WEBPAGE
Atlassian Jira SEND TO JIRA
Atlassian Jira POST COMMENTS
Atlassian Jira GET COMMENTS
Atlassian Jira CHANGE ISSUE TRANSITION
Atlassian Jira SEARCH ISSUES
Barracuda Barracuda Email Security Gateway ADD DOMAIN
Barracuda Barracuda Email Security Gateway DELETE DOMAIN
Barracuda Barracuda Email Security Gateway BLOCK IP FOR DOMAIN
Bitdefender Gravity Zone INITIATE MEMORY SCAN BY HOSTNAME
Bitdefender Gravity Zone INITIATE FULL SCAN BY HOSTNAME
Bitdefender Gravity Zone INITIATE QUICK SCAN BY HOSTNAME
Bitdefender Gravity Zone INITIATE QUICK SCAN BY HOSTNAME
Bitdefender Gravity Zone CREATE RULE FOR DESTINATION IP AS DETECTION
Bitdefender Gravity Zone CREATE RULE FOR SOURCE IP AS DETECTION
Bitdefender Gravity Zone CREATE RULE FOR SOURCE IP AS EXCLUSION
Bitdefender Gravity Zone CREATE RULE FOR DESTINATION IP AS EXCLUSION
Bitdefender Gravity Zone DELETE ENDPOINT
Bitdefender Gravity Zone GET ENDPOINT DETAILS
Bitdefender Gravity Zone ISOLATE ENDPOINT
Bitdefender Gravity Zone PUSH HASH TO BLOCKLIST
Bitdefender Gravity Zone REMOVE HASH FROM BLOCKLIST
Bitdefender Gravity Zone UNISOLATE ENDPOINT
Bitdefender Gravity Zone SET ENDPOINT LABEL
BMC BMC Helix ITSM CREATE TICKET ON BMC
Broadcom Bluecoat EDL AddIP
Broadcom Bluecoat EDL ADD DOMAIN
Broadcom Bluecoat EDL ADD URL
Broadcom Bluecoat EDL REMOVE IP
Broadcom Bluecoat EDL REMOVE DOMAIN
Broadcom Bluecoat EDL REMOVE URL
Broadcom Bluecoat EDL ADD HASH
Broadcom Bluecoat EDL REMOVE HASH
Check Point Check Point Firewall PUSH RECIPIENT EMAIL TO THREAT INDICATOR
Check Point Check Point Firewall REMOVE IP FROM THREAT INDICATOR
Check Point Check Point Firewall REMOVE HASH FROM THREAT INDICATOR
Check Point Check Point Firewall REMOVE URL FROM THREAT INDICATOR
Check Point Check Point Firewall REMOVE DOMAIN FROM THREAT INDICATOR
Check Point Check Point Firewall REMOVE SENDER EMAIL FROM THREAT INDICATOR
Check Point Check Point Firewall REMOVE RECIPIENT EMAIL FROM THREAT INDICATOR
Check Point Check Point Firewall BLOCK IP AS SOURCE
Check Point Check Point Firewall BLOCK IP AS DESTINATION
Check Point Check Point Firewall REMOVE IP AS DESTINATION
Check Point Check Point Firewall REMOVE IP AS SOURCE
CheckPhish CheckPhish GET URL INFO
Cisco Advanced Malware Protection (AMP) GET COMPUTER INFO USING IP
Cisco Advanced Malware Protection (AMP) GET COMPUTER INFO USING HOST
Cisco Advanced Malware Protection (AMP) ISOLATE COMPUTER USING IP
Cisco Advanced Malware Protection (AMP) ISOLATE COMPUTER USING HOST
Cisco Advanced Malware Protection (AMP) UNISOLATE COMPUTER USING HOST
Cisco Advanced Malware Protection (AMP) UNISOLATE COMPUTER USING IP
Cisco Advanced Malware Protection (AMP) SEARCH IP
Cisco Advanced Malware Protection (AMP) SEARCH DOMAIN
Cisco Advanced Malware Protection (AMP) SEARCH HASH
Cisco Advanced Malware Protection (AMP) SEARCH HOST
Cisco Advanced Malware Protection (AMP) PUSH HASH TO APP BLOCKING
Cisco Advanced Malware Protection (AMP) PUSH HASH TO CUSTOM DETECTION
Cisco Advanced Malware Protection (AMP) REMOVE HASH FROM CUSTOM DETECTION
Cisco Secure Email ADD RECIPIENT TO SAFELIST
Cisco Secure Email ADD SENDER TO BLOCKLIST
Cisco Secure Email ADD SENDER TO SAFELIST
Cisco Secure Email RELEASE MESSAGE FROM QUARANTINE
Cisco Secure Email MESSAGES IP LOOKUP LAST 24HOURS
Cisco Secure Email MESSAGES RECIPIENT LOOKUP LAST 24HOURS
Cisco Secure Email MESSAGES SENDER LOOKUP LAST 24HOURS
Cisco Secure Email MESSAGES SUBJECT LOOKUP LAST 24HOURS
Cisco Secure Email MESSAGES DOMAIN LOOKUP LAST 24HOURS
Cisco Secure Email MESSAGES HASH LOOKUP LAST 24HOURS
Cisco Secure Email CLI PUSH DOMAIN TO BLOCKLIST
Cisco Secure Email CLI PUSH IP TO BLOCKLIST
Cisco Secure Email CLI REMOVE DOMAIN FROM BLOCKLIST
Cisco Secure Email CLI REMOVE IP FROM BLOCKLIST
Cisco Secure Email CLI PUSH DOMAIN TO DICTIONARY
Cisco Secure Email CLI PUSH IP TO DICTIONARY
Cisco Secure Email CLI PUSH HASH TO DICTIONARY
Cisco Secure Email CLI PUSH EMAIL TO DICTIONARY
Cisco Secure Email CLI REMOVE DOMAIN FROM DICTIONARY
Cisco Secure Email CLI REMOVE IP FROM DICTIONARY
Cisco Secure Email CLI REMOVE HASH FROM DICTIONARY
Cisco Secure Email CLI REMOVE EMAIL FROM DICTIONARY
Cisco Cisco Secure Malware Analytics GET FILE REPORT
Cisco Umbrella Investigate GET STATUS OF DOMAIN
Cisco Umbrella Investigate GET MALICIOUS DOMAINS OF IP
Cisco Umbrella Investigate WHOIS
Cisco Web Security Appliance (WSA) BLOCK IP
Cisco Web Security Appliance (WSA) BLOCK DOMAIN
Cisco Web Security Appliance (WSA) BLOCK URL
Cisco Web Security Appliance (WSA) UNBLOCK IP
Cisco Web Security Appliance (WSA) UNBLOCK DOMAIN
Cisco Web Security Appliance (WSA) UNBLOCK URL
Cisco Firepower Management Center GET INCIDENTS
Cisco Firepower Management Center (RPA) BLOCK IP
Cisco Firepower Management Center (RPA) UNBLOCK IP
Cisco Firepower Management Center (RPA) BLOCK HASH
Cisco Firepower Management Center (RPA) UNBLOCK HASH
Cisco Firewall Management Center EDL Block IP
Cisco Firewall Management Center EDL Unblock IP
Cisco Firewall Management Center EDL Block Domain
Cisco Firewall Management Center EDL Unblock Domain
Cisco Firewall Management Center EDL Block URL
Cisco Firewall Management Center EDL Unblock URL
Cisco Firewall Management Center EDL BLOCK HASH
Cisco Firewall Management Center EDL UNBLOCK HASH
Cloudflare Cloudflare CREATE FILTER
Cloudflare Cloudflare CREATE FIREWALL RULE
Cloudflare Cloudflare DELETE FILTER
Cloudflare Cloudflare DELETE FIREWALL RULE
Cloudflare Cloudflare LIST FIREWALL RULE
Cofense Cofense GET THREAT INFO
CMDB CMDB SEARCH HOSTNAME
CMDB CMDB SEARCH EMAIL
Cofense Cofense GET INDICATORS
Computer Incident Response Center Luxembourg CVE Search GET CVE DETAILS
Computer Incident Response Center Luxembourg CVE Search GET LATEST 30 CVES
Crowd Strike Crowdstrike Falcon BLOCK DOMAIN
Crowd Strike Crowdstrike Falcon BLOCK HASH
Crowd Strike Crowdstrike Falcon BLOCK IP
Crowd Strike Crowdstrike Falcon CONTAIN HOST
Crowd Strike Crowdstrike Falcon DELETE IP
Crowd Strike Crowdstrike Falcon DELETE DOMAIN
Crowd Strike Crowdstrike Falcon DELETE HASH
Crowd Strike Crowdstrike Falcon GET BEHAVIORS
Crowd Strike Crowdstrike Falcon GET DETECTIONS
Crowd Strike Crowdstrike Falcon GET ENDPOINT DETAILS
Crowd Strike Crowdstrike Falcon GET INCIDENTS
Crowd Strike Crowdstrike Falcon GET PROCESS DETAILS
Crowd Strike Crowdstrike Falcon UNCONTAIN HOST
Crowd Strike Crowdstrike Falcon UNBLOCK IP
Crowd Strike Crowdstrike Falcon UNBLOCK DOMAIN
Crowd Strike Crowdstrike Falcon UNBLOCK HASH
Crowd Strike Crowdstrike Falcon MARK AS FALSE POSITIVE
Crowd Strike Crowdstrike Falcon CLOSE INCIDENT
Crowd Strike Falcon Threat Intelligence GET THREAT INTELLIGENCE
Crowd Strike Falcon LogScale GET EVENTS BY QUERY
CTM360 CTM360 GET INCIDENTS
CTM360 HackerView GET ISSUES
CTM360 ThreatCover GET THREATS
Cyber Ark Endpoint Privilege Management GET AGGREGATED EVENTS
Cyber Ark Endpoint Privilege Management GET AGGREGATED FILES
Cyber Ark Endpoint Privilege Management GET COMPUTERS
Cyber Ark Endpoint Privilege Management GET COMPUTER DETAILS
Cyber Ark Privileged Access ACTIVATE USER
Cyber Ark Privileged Access CREATE SAFE ACCOUNT
Cyber Ark Privileged Access ADD SAFE MEMBER
Cyber Ark Privileged Access ADD SAFE
Cyber Ark Privileged Access DELETE SAFE ACCOUNT
Cyber Ark Privileged Access GET ACCOUNT DETAILS
Cyber Ark Privileged Access GET SAFE DETAILS
Cyber Ark Privileged Access GET SECURITY EVENTS
DarkOwl DarkOwl Vision SEARCH CVE
DarkOwl DarkOwl Vision SEARCH EXPLOITS
DarkOwl DarkOwl Vision SEARCH DARKWEB
DarkOwl DarkOwl Vision SEARCH EMAIL DOMAIN
DarkOwl DarkOwl Vision SEARCH EMAIL
Datadog Datadog GET ALL HOSTS
Datadog Datadog GET EVENTS
Datadog Datadog MUTE HOST
Datadog Datadog UNMUTE HOST
Devo Devo GET EVENTS
Devo Devo GET SOURCE USER LAST EVENTS
Devo Devo GET DESTINATION USER LAST EVENTS
DNSlytics DNSlytics GET IP ASN INFO
DShield DShield GET IP INFO
E Hacking News E Hacking News GET FEEDS
Elastic Elastic Security CLOSE SIGNAL
Elastic Elastic Security GET SIGNALS
Elastic Elastic Security GET WIN COMPLIANCE SIGNALS
Elastic Elastic Security GET NON WIN COMPLIANCE SIGNALS
Elastic Elastic Security GET NON WIN MITRE SIGNALS
Elastic Elastic Security GET WIN MITRE SIGNALS
Elastic Elastic Security GET WAZUH SIGNALS
Elastic Elastic Security GET TRUSTED APPLICATIONS
Elastic Elastic Security GET EVENT FILTERS
Elastic Elastic Security GET HOST ISOLATION EXCEPTIONS
Elastic Elastic Security ISOLATE HOST
Elastic Elastic Security UNISOLATE HOST
Elastic Elastic Security PUSH HASH TO BLOCKLIST
Elastic Elastic Security GET WAZUH ALERTS BY MONITOR
Elastic Elastic Security SEARCH INDEX
Elastic Elastic Security GET STATS
Elastic Elastic Security GET SIGNALS CUSTOM INCLUDE
Elastic Elastic Security GET SIGNALS CUSTOM EXCLUDE
Elastic Elastic Security SEARCH WAZUH INDEX
Elastic Elastic Security SEARCH WAZUH INDEX BY GROUP
Elastic Elasticsearch GET SIGNALS BY INDEX
Elastic Elasticsearch CLOSE ELASTIC SIGNAL
Elastic Elasticsearch GET SIGNALS CUSTOM EXCLUDE
F5 Application Security Manager PUSH HOSTNAME TO POLICY
F5 Application Security Manager PUSH URL TO POLICY
F5 Application Security Manager PUSH IP TO POLICY
F5 Application Security Manager REMOVE HOSTNAME FROM POLICY
F5 Application Security Manager REMOVE URL FROM POLICY
F5 Application Security Manager REMOVE IP FROM POLICY
F5 Application Security Manager LIST POLICIES
F5 Application Security Manager GET POLICY PARAMETERS
F6 Application Security Manager PUSH URL TO DISALLOW LIST
Fidelis Fidelis EDR GET EVENTS
Fidelis Fidelis EDR SEARCH IP
Fidelis Fidelis Threatbridge Service SEARCH IP
Fidelis Fidelis Threatbridge Service SEARCH HASH
Fidelis Fidelis Threatbridge Service WILDCARD SEARCH
FireEye FIREEYE EX GET EMAIL STATUS STATS
FireEye FIREEYE EX GET RETROACTIVE ALERTS
FireEye FIREEYE HX PUSH HASH TO HX
FireEye FIREEYE HX ISOLATE SYSTEM
FireEye FIREEYE HX ACQUIRE FILE
FireEye FIREEYE HX ACQUIRE TRIAGE BY IP
FireEye FIREEYE HX ACQUIRE TRIAGE BY HOSTNAME
Forcepoint Forcepoint Web Security ADD URL TO CATEGORY
Forcepoint Forcepoint Web Security ADD IP TO CATEGORY
Forcepoint Forcepoint Web Security ADD CATEGORY
Forcepoint Forcepoint Web Security DELETE CATEGORY
Forcepoint Forcepoint Web Security LIST CATEGORIES
Forcepoint Forcepoint Web Security REMOVE IP FROM CATEGORY
Forcepoint Forcepoint Web Security REMOVE URL FROM CATEGORY
Fortinet FortiGate EDL BLOCK IP
Fortinet FortiGate EDL BLOCK DOMAIN
Fortinet FortiGate EDL BLOCK URL
Fortinet FortiGate EDL UNBLOCK IP
Fortinet FortiGate EDL UNBLOCK DOMAIN
Fortinet FortiGate EDL UNBLOCK URL
Fortinet FortiGate EDL BLOCK HASH
Fortinet FortiGate EDL UNBLOCK HASH
Fortinet FortiGate Firewall UNBLOCK IP AS DESTINATION
Fortinet FortiGate Firewall UNBLOCK IP AS SOURCE
Fortinet FortiGate Firewall BLOCK IP AS DESTINATION
Fortinet FortiGate Firewall BLOCK IP AS SOURCE
Fortinet FortiSIEM GET INCIDENTS
Fortinet FortiSIEM UPDATE SEVERITY
Fortinet FortiSIEM UPDATE STATUS
Freshworks Freshdesk SEND TO FRESHDESK
Freshworks Freshdesk POST COMMENTS
Freshworks Freshdesk GET COMMENTS
FS-ISAC FS-ISAC GET FEEDS
Gaijin Gaijin ANALYZE EMAIL HEADER
Google SafeBrowsing CHECK URL
GreyNoise GreyNoise GET IP INFO
Hacker Target IP Tools LOOKUP DOMAIN DNS
Hacker Target IP Tools GET HOSTNAME HEADER INFO
Hacker Target IP Tools GET IP HEADER INFO
Hacker Target IP Tools GET URL HEADER INFO
Hacker Target IP Tools GET DOMAIN HEADER INFO
Hacker Target IP Tools GET IP MTR TRACEROUTE
Hacker Target IP Tools GET HOSTNAME MTR TRACEROUTE
Hacker Target IP Tools GET DOMAIN MTR TRACEROUTE
Hacker Target IP Tools PING IP
Hacker Target IP Tools PING HOSTNAME
Hacker Target IP Tools PING DOMAIN
Hacker Target IP Tools GET REVERSE DNS LOOKUP
Hacker Target IP Tools GET DOMAIN WHOIS INFO
Hacker Target IP Tools GET URL WHOIS INFO
Hacker Target IP Tools GET IP WHOIS INFO
Hacker Target IP Tools GET IP GEOLOCATION
Hacker Target IP Tools GET DOMAIN GEOLOCATION
Hacker Target IP Tools GET HOSTNAME GEOLOCATION
Hacker Target IP Tools GET IP AS LOOKUP
Hacker Target IP Tools GET DOMAIN AS LOOKUP
Hacker Target IP Tools GET URL AS LOOKUP
Hacker Target IP Tools GET REVERSE IP LOOKUP HOSTNAME
Hacker Target IP Tools GET URL PAGE LINKS
Hacker Target IP Tools GET REVERSE IP LOOKUP
HaveIBeenPwned Have I Been Pwned CHECK EMAIL
HaveIBeenPwned Have I Been Pwned CHECK PASSWORD
HaveIBeenPwned Have I Been Pwned PASTE EMAIL ACCOUNT
Hillstone Networks Hillstone’s NGFW BLOCK IP
Hillstone Networks Hillstone’s NGFW UNBLOCK IP
Hillstone Networks Hillstone’s NGFW ADD IP TO ADDRESSBOOK
Hillstone Networks Hillstone’s NGFW REMOVE IP FROM ADDRESSBOOK
Hybrid Analysis Hybrid Analysis ANALYZE HASH
Hybrid Analysis Hybrid Analysis GET FILE REPORT
Hybrid Analysis Hybrid Analysis SEARCH HASH
Hybrid Analysis Hybrid Analysis GET HASH SUMMARY
Hybrid Analysis Hybrid Analysis GET URL REPORT
Huawei Huawei Firewall ADD DOMAIN TO BLACKLIST
Huawei Huawei Firewall ADD DOMAIN TO WHITELIST
Huawei Huawei Firewall ADD URL HOST TO BLACKLIST
Huawei Huawei Firewall ADD URL HOST TO WHITELIST
Huawei Huawei Firewall ADD URL TO BLACKLIST
Huawei Huawei Firewall ADD URL TO WHITELIST
Huawei Huawei Firewall REMOVE DOMAIN FROM BLACKLIST
Huawei Huawei Firewall REMOVE DOMAIN FROM WHITELIST
Huawei Huawei Firewall REMOVE URL HOST FROM BLACKLIST
Huawei Huawei Firewall REMOVE URL HOST FROM WHITELIST
Huawei Huawei Firewall REMOVE URL FROM BLACKLIST
Huawei Huawei Firewall REMOVE URL FROM WHITELIST
Huawei Huawei Firewall BLOCK IP AS SOURCE
Huawei Huawei Firewall BLOCK IP AS DESTINATION
Huawei Huawei Firewall UNBLOCK IP AS SOURCE
Huawei Huawei Firewall UNBLOCK IP AS DESTINATION
Huntress Huntress EDR GET INCIDENT REPORT
IBM Lotus Domino PARSE NCR EMAILS
IBM Lotus Domino PARSE FSISAC EMAILS
IBM Lotus Domino PARSE PHISHING EMAILS
IBM Lotus Domino PARSE JSON FORMAT EMAILS
IBM Lotus Domino PARSE CTM360 EMAILS
IBM Lotus Domino PARSE USCERT EMAILS
IBM Lotus Domino PARSE USCERT EMAILS NOSSL
IBM Lotus Domino PARSE CTM360 EMAILS NOSSL
IBM Lotus Domino PARSE JSON FORMAT EMAILS NOSSL
IBM Lotus Domino PARSE PHISHING EMAILS NOSSL
IBM Lotus Domino PARSE FSISAC EMAILS NOSSL
IBM Lotus Domino PARSE NCR EMAILS NOSSL
IBM PostgreSQL GET COLUMNS INFO
IBM PostgreSQL QUERY POSTGRESQL
IBM PostgreSQL GET TABLE INFO
IBM QRadar GET OFFENCES
IBM QRadar PUSH DOMAIN TO REFSET
IBM QRadar PUSH IP TO REFSET
IBM QRadar GET OFFENSE STATUS
IBM QRadar CLOSE QRADAR OFFENSE
IBM QRadar GET LOG SOURCES
IBM QRadar GET EVENTS FOR QUERY
IBM QRadar PUSH EMAIL TO REFSET
IBM QRadar PUSH HASH TO REFSET
IBM QRadar PUSH URL TO REFSET
IBM QRadar ADD OFFENSE NOTE
IBM QRadar GET OFFENCES WITH EVENTS
IBM QRadar ASSIGN USER TO OFFENSE
IBM QRadar REMOVE DOMAIN FROM REFSET
IBM QRadar REMOVE IP FROM REFSET
IBM QRadar REMOVE EMAIL FROM REFSET
IBM QRadar REMOVE HASH FROM REFSET
IBM QRadar REMOVE URL FROM REFSET
IBM QRadar PUSH USERNAME TO REFSET
IBM QRadar REMOVE USERNAME FROM REFSET
IBM QRadar GET LOG SOURCE STATS BY STATUS
IBM QRadar GET LOG SOURCE STATS BY GROUP
IBM QRadar PUSH DOMAIN TO CUSTOM REFSET
IBM QRadar PUSH IP TO CUSTOM REFSET
IBM QRadar PUSH EMAIL TO CUSTOM REFSET
IBM QRadar PUSH HASH TO CUSTOM REFSET
IBM QRadar PUSH URL TO CUSTOM REFSET
IBM QRadar REMOVE DOMAIN FROM CUSTOM REFSET
IBM QRadar REMOVE IP FROM CUSTOM REFSET
IBM QRadar REMOVE EMAIL FROM CUSTOM REFSET
IBM QRadar REMOVE HASH FROM CUSTOM REFSET
IBM QRadar REMOVE URL FROM CUSTOM REFSET
IBM QRadar PUSH USERNAME TO CUSTOM REFSET
IBM QRadar REMOVE USERNAME FROM CUSTOM REFSET
IBM QRadar GET OFFENCES & QUERY EVENTS
IBM QRadar GET USERS AGAINST URL
IBM QRadar GET FILTERED OFFENCES WITH EVENTS
IBM QRadar PUSH FILENAME TO REFSET
IBM QRadar REMOVE FILENAME FROM REFSET
IBM QRadar PUSH FILENAME TO CUSTOM REFSET
IBM QRadar REMOVE FILENAME FROM CUSTOM REFSET
IBM QRadar SEARCH ALLOW EVENTS BY DESTINATION IP
IBM X-Force GET URL MALWARE INFO
IBM X-Force GET HASH INFO
IBM X-Force GET WHOIS INFORMATION IP
IBM X-Force GET WHOIS INFORMATION DOMAIN
Imperva Incapsula Cloud WAF GET ATTACKING COUNTRIES STATS
Imperva Incapsula Cloud WAF GET THREAT TYPE STATS
Imperva Incapsula Cloud WAF GET TOTAL SITE VISITS
Imperva Incapsula Cloud WAF GET INCIDENTS
Infoblox BloxOne BLOCK DOMAIN
Infoblox BloxOne UNBLOCK DOMAIN
Infoblox BloxOne GET IP INFO
Infoblox BloxOne GET HOSTNAME INFO
Infoblox BloxOne GET URL INFO
Infoblox Infoblox GET ARTIFACTS
Infoblox Infoblox GET ARTIFACTS BY CLASS
Infoblox Infoblox GET REPORTED HASHES
Infoblox Infoblox GET REPORTED EMAILS
Infoblox Infoblox GET REPORTED HOSTS
Infoblox Infoblox GET REPORTED IPS
Infoblox Infoblox GET REPORTED URLS
Infoblox Infoblox GET REPORTED EMAILS BY CLASS
Infoblox Infoblox GET REPORTED HASHES BY CLASS
Infoblox Infoblox GET REPORTED HOSTS BY CLASS
Infoblox Infoblox GET REPORTED IPS BY CLASS
Infoblox Infoblox GET REPORTED URLS BY CLASS
Ivanti LANDESK CREATE TICKET ON LANDESK
Ivanti Ivanti GET TICKETS FROM IVANTI
Ivanti Ivanti CREATE TICKET ON IVANTI
Kaspersky Kaspersky Security Center GET HOST APPLICATIONS
Kaspersky Kaspersky Security Center GET HOST DETAILS
Kaspersky Kaspersky Security Center LIST GROUPS
Kaspersky Kaspersky Security Center LIST OF VIRTUAL MACHINES
Kaspersky Kaspersky Security Center GET HOST GROUP STATIC INFO
Kaspersky Kaspersky Security Center BLOCK HASH
Kaspersky Kaspersky Security Center BLOCK IP
Kaspersky Kaspersky Security Center BLOCK DOMAIN
Kaspersky Kaspersky Security Center UNBLOCK HASH
Kaspersky Kaspersky Security Center UNBLOCK IP
Kaspersky Kaspersky Security Center UNBLOCK DOMAIN
Kaspersky Kaspersky Security Center BLOCK URL
Kaspersky Kaspersky Security Center UNBLOCK URL
Kaspersky Kaspersky Security Center EDL BLOCK HASH
Kaspersky Kaspersky Security Center EDL UNBLOCK HASH
Lastline Lastline Defender GET BREACHES
Lastline Lastline Defender GET INCIDENTS
Lastline Lastline Defender GET MAIL MESSAGES
Lastline Lastline Defender SUBMIT FILE
Lastline Lastline Defender SUBMIT URL
Lastline Lastline Defender GET FILES
Lastline Lastline Defender GET FILE SCORE
Lastline Lastline Defender GET ALERT SCORE
LogRhythm LogRhythm GET ALERTS ALARMS
LogRhythm LogRhythm PUSH HASH TO LIST
LogRhythm LogRhythm PUSH URL TO LIST
LogRhythm LogRhythm PUSH IP TO LIST
LogRhythm LogRhythm PUSH HOSTNAME TO LIST
LogRhythm LogRhythm PUSH DOMAIN TO LIST
LogRhythm LogRhythm REMOVE HASH FROM LIST
LogRhythm LogRhythm REMOVE URL FROM LIST
LogRhythm LogRhythm REMOVE IP FROM LIST
LogRhythm LogRhythm REMOVE HOSTNAME FROM LIST
LogRhythm LogRhythm REMOVE DOMAIN FROM LIST
Logsign Logsign SIEM GET INCIDENTS
Mail Header Mail Header ANALYZE EMAIL HEADER
MalShare MalShare GET REPORTED HASH LIST
Maltiverse Maltiverse GET DOMAIN INFO
Maltiverse Maltiverse GET HASH INFO
Maltiverse Maltiverse GET IP INFO
Maltiverse Maltiverse GET URL INFO
Malwarebytes Malwarebytes GET FEEDS
ManageEngine ServiceDesk CREATE TICKET ON SERVICEDESK
ManageEngine ServiceDesk POST COMMENTS
ManageEngine ServiceDesk GET COMMENTS
ManageEngine ServiceDesk UPDATE TICKET ON SERVICEDESK
MaxMind MaxMind GET IP GEOLOCATION
Microsoft 365 Defender ADVANCE HUNTING
Microsoft 366 Defender GET INCIDENTS
Microsoft 367 Defender MARK INCIDENT AS RESOLVED
Microsoft Defender for Endpoints GET ALERTS
Microsoft Defender for Endpoints GET MACHINE INFO
Microsoft Defender for Endpoints UPDATE ALERT
Microsoft Defender for Endpoints PUSH IP
Microsoft Defender for Endpoints PUSH DOMAIN
Microsoft Defender for Endpoints PUSH URL
Microsoft Defender for Endpoints PUSH HASH
Microsoft Defender for Endpoints ISOLATE MACHINE
Microsoft Defender for Endpoints UNISOLATE MACHINE
Microsoft Defender for Endpoints REMOVE IP
Microsoft Defender for Endpoints REMOVE DOMAIN
Microsoft Defender for Endpoints REMOVE URL
Microsoft Defender for Endpoints REMOVE HASH
Microsoft Defender for Endpoints CANCEL MACHINE ACTION
Microsoft Defender for Endpoints COLLECT INVESTIGATION PACKAGE
Microsoft Defender for Endpoints GET MACHINE ACTION STATUS
Microsoft Defender for Endpoints GET INVESTIGATION PACKAGE SAS URI
Microsoft Defender for Endpoints LIST PENDING MACHINE ACTIONS
Microsoft Defender for Endpoints LIVE RESPONSE PUT FILE
Microsoft Defender for Endpoints LIVE RESPONSE GET FILE
Microsoft Defender for Endpoints LIVE RESPONSE RUN SCRIPT
Microsoft Defender for Endpoints OFFBOARD MACHINE
Microsoft Defender for Endpoints REMOVE APP RESTRICTION
Microsoft Defender for Endpoints RESTRICT APP EXECUTION
Microsoft Defender for Endpoints RUN FULL SCAN
Microsoft Defender for Endpoints RUN QUICK SCAN
Microsoft Defender for Endpoints GET MACHINE INFO BY ID
Microsoft Defender for Endpoints ADD COMMENT TO ALERT
Microsoft Defender for Endpoints QUARANTINE AND STOP FILE
Microsoft Microsoft Exchange PARSE FSISAC EMAILS
Microsoft Microsoft Exchange PARSE PHISHING EMAILS
Microsoft Microsoft Exchange PARSE JSON FORMAT EMAILS
Microsoft Microsoft Exchange PARSE NCR EMAILS
Microsoft Microsoft Exchange PARSE CTM360 EMAILS
Microsoft Microsoft Exchange PARSE USCERT EMAILS
Microsoft Microsoft Exchange PARSE RSA EMAILS
Microsoft Microsoft Exchange PARSE DEEP SECURITY EMAILS
Microsoft Microsoft Exchange GET MATURITY STATS
Microsoft Microsoft Exchange GET THREAT MONITORING STATS
Microsoft Microsoft Exchange PARSE LASTLINE EMAILS
Microsoft Microsoft Exchange PARSE ETISALAT EMAILS
Microsoft Microsoft Exchange PARSE DLP EMAILS
Microsoft Microsoft Exchange PARSE SKYBOX EMAILS
Microsoft Microsoft Exchange PARSE SPLUNK EMAILS
Microsoft Microsoft Exchange PARSE GUARDIUM EMAILS
Microsoft Microsoft Exchange PARSE FORWARDED PHISHING EMAILS
Microsoft Microsoft LDAP GET USER INFO
Microsoft Microsoft LDAP GET USER GROUP INFO
Microsoft Microsoft LDAP ADD USER TO GROUP
Microsoft Microsoft LDAP REMOVE USER FROM GROUP
Microsoft Microsoft LDAP DISABLE USER
Microsoft Microsoft LDAP ENABLE USER
Microsoft Microsoft LDAP CHANGE USER DN
Microsoft Microsoft LDAP GET MANAGER INFO
Microsoft Microsoft Sentinel GET INCIDENTS
Microsoft Microsoft Sentinel GET INCIDENT ALERTS
Microsoft Microsoft Sentinel GET INCIDENT ENTITIES
Microsoft Microsoft Sentinel UPDATE INCIDENT SEVERITY
Microsoft Microsoft Sentinel UPDATE STATUS
Microsoft Windows Management Instrumentation GET STARTUP COMMANDS
Microsoft Windows Management Instrumentation GET ENVIRONMENT VARIABLES
Microsoft Windows Management Instrumentation GET USER ACCOUNTS
Microsoft Windows Management Instrumentation GET PROCESS
Microsoft Windows SMB GET FILES
Microsoft Windows SMB DELETE FILE
Microsoft Windows SMB MOVE FILE
Mimecast Mimecast ADD URL TO BLACKLIST
Mimecast Mimecast ADD URL TO WHITELIST
Mimecast Mimecast RMOVE URL
MISP MISP GET ATTRIBUTES
MojoDns MojoDns GET DOMAIN A RECORDS
MojoDns MojoDns GET DOMAIN MX RECORDS
MojoDns MojoDns GET DOMAIN NS RECORDS
MojoDns MojoDns GET DOMAIN SOA RECORDS
MojoDns MojoDns GET DOMAIN TXT RECORDS
Monapi.io Monapi.io GET IP ASN INFO
Monapi.io Monapi.io GET IP INFO
Monapi.io Monapi.io GET DOMAIN INFO
Monapi.io Monapi.io GET EMAIL INFO
Monapi.io Monapi.io GET IP GEOLOCATION
MongoDB MongoDB GET RSA ALERTS
MxToolBox MXToolBox GET DOMAIN A RECORDS
MxToolBox MXToolBox GET DOMAIN DNS RECORDS
MxToolBox MXToolBox GET DOMAIN MX RECORDS
MxToolBox MXToolBox GET IP PTR RECORDS
MxToolBox MXToolBox GET DOMAIN SOA RECORDS
MxToolBox MXToolBox GET DOMAIN SPF RECORDS
MxToolBox MXToolBox GET DOMAIN TXT RECORDS
MxToolBox MXToolBox CHECK DMARC RECORDS
MYIP MyIP GET MY PUBLIC IP
MYSQL MySQL GET COLUMNS INFO
MYSQL MySQL QUERY MYSQL
MYSQL MySQL GET TABLE INFO
National Institute of Standards and Technology National Vulnerability Database GET CVE DETAILS
NeutrinoAPI NeutrinoAPI GET IP INFO
Nivel technologies MAC Vendors GET MAC ADDRESS INFO
OPSWAT OPSWAT MetaDefender GET DOMAIN REPUTATION
OPSWAT OPSWAT MetaDefender GET IP REPUTATION
OPSWAT OPSWAT MetaDefender GET THREAT INTELLIGENCE FEEDS
OPSWAT OPSWAT MetaDefender GET URL REPUTATION
OPSWAT OPSWAT MetaDefender GET FILE REPUTATION
Palo Alto Networks Palo Alto EDL BLOCK IP
Palo Alto Networks Palo Alto EDL BLOCK DOMAIN
Palo Alto Networks Palo Alto EDL BLOCK URL
Palo Alto Networks Palo Alto EDL UNBLOCK IP
Palo Alto Networks Palo Alto EDL UNBLOCK DOMAIN
Palo Alto Networks Palo Alto EDL UNBLOCK URL
Palo Alto Networks Palo Alto EDL BLOCK HASH
Palo Alto Networks Palo Alto EDL UNBLOCK HASH
Palo Alto Networks Palo Alto EDL BLOCK WILDCARD DOMAINUNBLOCK WILDCARD DOMAIN
Palo Alto Networks Palo Alto EDL UNBLOCK WILDCARD DOMAIN
Palo Alto Networks Palo Alto Firewall BLOCK IP AS SOURCE
Palo Alto Networks Palo Alto Firewall UNBLOCK IP AS SOURCE
Palo Alto Networks Palo Alto Firewall UNBLOCK IP AS DESTINATION
Palo Alto Networks Palo Alto Firewall BLOCK IP AS DESTINATION
Palo Alto Networks Palo Alto Firewall BLOCK URL
Palo Alto Networks Palo Alto Firewall UNBLOCK URL
Palo Alto Networks Palo-Alto Panorama BLOCK IP AS SOURCE
Palo Alto Networks Palo-Alto Panorama UNBLOCK IP AS SOURCE
Palo Alto Networks Palo-Alto Panorama UNBLOCK IP AS DESTINATION
Palo Alto Networks Palo-Alto Panorama BLOCK IP AS DESTINATION
Palo Alto Networks Palo-Alto Panorama BLOCK URL
Palo Alto Networks Palo-Alto Panorama UNBLOCK URL
Phishing Initiative Phishing Initiative GET URL INFO
PhishTank PhishTank GET URL INFO
Polyswarm Polyswarm GET DOMAIN INFO
Polyswarm Polyswarm GET FILE INFO
Polyswarm Polyswarm GET HASH INFO
Polyswarm Polyswarm GET IP INFO
Polyswarm Polyswarm GET URL INFO
Proofpoint Targeted Attack Protection GET EVENTS
Proofpoint Targeted Attack Protection GET ISSUES
Proofpoint Targeted Attack Protection GET MESSAGES DELIVERED
Proofpoint Targeted Attack Protection GET CLICKS PERMITTED
QA|CAFE CloudShark GET PCAP FILE INFO
Qualys Qualys GET SCAN REPORTS
Qualys Qualys INITIATE SCAN
Qualys Qualys GET POLICIES
Qualys Qualys GET ASSETS
Qualys SSL Labs GET DOMAIN SSL INFO
Rapid 7 Rapid7 InsightVM INITIATE SCAN
Rapid 7 Rapid7 InsightVM INITIATE SCAN
Rapid 7 Rapid7 InsightVM GET POLICIES
Risk Discovery HoneyDB GET HOST REPUTATION
RISKIQ Passive Total GET DOMAIN PASSIVE DNS DETAILS
RISKIQ Passive Total GET DOMAIN UNIQUE PASSIVE DNS DETAILS
RISKIQ Passive Total GET DOMAIN ENRICHMENT DATA
RISKIQ Passive Total GET SUBDOMAINS
RISKIQ Passive Total GET IP PASSIVE DNS DETAILS
RISKIQ Passive Total GET IP UNIQUE PASSIVE DNS DETAILS
RISKIQ Passive Total GET DOMAIN WHOIS INFO
RISKIQ Passive Total GET DOMAIN MALWARE
RISKIQ Passive Total GET DOMAIN OSINT INFO
RSA NetWitness GET INCIDENTS
RSA NetWitness GET ALERTS
RSA NetWitness UPDATE INCIDENT
RSA NetWitness ADD NOTE TO INCIDENT
RSA NetWitness ASSIGN USER TO INCIDENT
RSA RSA Security Analytics GET CUSTOM ALERTS
Rootly Rootly SEND TO ROOTLY
Rootly Rootly POST COMMENTS
Rootly Rootly GET COMMENTS
Rootly Rootly UPDATE INCIDENT
Sangfor Sangfor ADD DOMAIN TO BLACKLIST
Sangfor Sangfor ADD DOMAIN TO WHITELIST
Sangfor Sangfor REMOVE DOMAIN FROM WHITELIST
Sangfor Sangfor REMOVE DOMAIN FROM BLACKLIST
Secpod SanerNow ADD DEVICE
Secpod SanerNow APPLY REMEDIATION
Secpod SanerNow ASSIGN DEVICE TO GROUP
Secpod SanerNow REMOVE DEVICE
Secpod SanerNow REMOVE REMEDIATION
Secpod SanerNow GET ALL DEVICES
Secpod SanerNow GET DEVICE INFO USING HOSTNAME
Secpod SanerNow GET DEVICE INFO USING IP
Secpod SanerNow GET DEVICE INFO USING MAC
Secpod SanerNow GET REMEDIATION JOB STATUS
Secpod SanerNow SCAN INITIATE USING HOSTNAME
Secpod SanerNow SCAN INITIATE USING IP
Secpod SanerNow SCAN INITIATE USING MAC
Secpod SanerNow UNASSIGN DEVICE FROM GROUP
Secpod SanerNow GET LAST REPORT USING MAC
Secpod SanerNow GET LAST REPORT USING IP
Secpod SanerNow GET LAST REPORT USING HOSTNAME
SecurityTrails Security Trails GET DNS MX RECORDS
SecurityTrails Security Trails GET DNS TXT RECORDS
SecurityTrails Security Trails GET DNS SOA RECORDS
SecurityTrails Security Trails GET DNS NS RECORDS
SecurityTrails Security Trails GET DNS AAAA RECORDS
SecurityTrails Security Trails GET DNS A RECORDS
SecurityTrails Security Trails GET SUBDOMAINS
SecurityTrails Security Trails GET IP NEIGHBOURS
SecurityTrails Security Trails GET DNS DATA
SecurityTrails URL Scan SCAN URL
SecurityTrails URL Scan GET DOMAIN INFO
SecurityTrails URL Scan GET IP INFO
Sentinel One Sentinel One XDR ADD BLACKLIST ITEM
Sentinel One Sentinel One XDR ADD THREAT TO BLACKLIST
Sentinel One Sentinel One XDR BROADCAST MESSAGE
Sentinel One Sentinel One XDR CONNECT AGENT TO NETWORK
Sentinel One Sentinel One XDR DISABLE AGENT
Sentinel One Sentinel One XDR DISCONNECT AGENT FROM NETWORK
Sentinel One Sentinel One XDR ENABLE AGENT
Sentinel One Sentinel One XDR GET ALERTS
Sentinel One Sentinel One XDR GET AGENT APPLICATIONS
Sentinel One Sentinel One XDR GET HASH REPUTATION
Sentinel One Sentinel One XDR GET THREATS
Sentinel One Sentinel One XDR INITIATE SCAN
Sentinel One Sentinel One XDR MARK ALERT AS FALSE POSITIVE
Sentinel One Sentinel One XDR MARK ALERT AS TRUE POSITIVE
Sentinel One Sentinel One XDR MARK ALERT AS UNDEFINED
Sentinel One Sentinel One XDR MARK ALERT INCIDENT STATUS AS INPROGRESS
Sentinel One Sentinel One XDR MARK ALERT INCIDENT STATUS AS RESOLVED
Sentinel One Sentinel One XDR MARK ALERT INCIDENT STATUS AS UNRESOLVED
Sentinel One Sentinel One XDR MARK THREAT AS FALSE POSITIVE
Sentinel One Sentinel One XDR MARK THREAT AS SUSPICIOUS
Sentinel One Sentinel One XDR MARK THREAT AS TRUE POSITIVE
Sentinel One Sentinel One XDR MARK THREAT AS UNDEFINED
Sentinel One Sentinel One XDR MARK THREAT INCIDENT STATUS AS INPROGRESS
Sentinel One Sentinel One XDR MARK THREAT INCIDENT STATUS AS RESOLVED
Sentinel One Sentinel One XDR MARK THREAT INCIDENT STATUS AS UNRESOLVED
Sentinel One Sentinel One XDR VALIDATE SENTINEL ITEM
Sentinel One Sentinel One XDR BLOCK IP
Sentinel One Sentinel One XDR UNBLOCK IP
Service Now Service Now CLOSE INCIDENT ON SERVICE NOW
Service Now Service Now ASSIGN USER TO INCIDENT
Service Now Service Now CREATE INCIDENT ON SERVICE NOW
Sevco Sevco GET UNIFIED DEVICES
SGBOX SGBOX GET EVENTS
Shodan Shodan LOOKUP IP
SIRP Email PARSE FSISAC EMAILS
SIRP Email PARSE PHISHING EMAILS
SIRP Email PARSE JSON EMAILS
SIRP Email PARSE NCR EMAILS
SIRP Email PARSE CTM360 EMAILS
SIRP Email PARSE USCERT EMAILS
SIRP Email GET STATS
SIRP Email PARSE SPLUNK EMAILS
SIRP Email GET MATURITY STATS
SIRP Email GET THREAT MONITORING STATS
SIRP Email OPENCANARY JSON PARSER
SIRP Email PARSE ALIENVAULT USM EMAILS
SIRP Email PARSE RSA EMAILS
SIRP Email PARSE LASTLINE EMAILS
SIRP Email PARSE ETISALAT EMAILS
SIRP Email PARSE DLP EMAILS
SIRP Email PARSE GUARDIUM EMAILS
SIRP SIRP GET IP WHOIS INFO
SIRP SIRP GET DOMAIN WHOIS INFO
SIRP SIRP CHANGE PRIORITY
SIRP SIRP ADD MEMBERS
SIRP SIRP EMAIL NOTIFICATIONS
SIRP SIRP CREATE CASE
SIRP SIRP CHANGE DISPOSITION
SIRP SIRP ASSIGN TASK
SIRP SIRP GET ASSET DETAILS
SIRP SIRP CHANGE SEVERITY
SIRP SIRP CHANGE CATEGORY
SIRP SIRP CHANGE STATUS
SIRP SIRP SEND REPORTED IOCS
SIRP SIRP USER CONFIRMATION
SIRP SIRP SEND EMAIL
SIRP SIRP NS LOOKUP FOR DOMAIN
SIRP SIRP NS LOOKUP FOR IP
SIRP SIRP GET CONTAINER DETAILS
SIRP SIRP ADD COMMENT
SIRP SIRP GET NETWORK BLOCK OF IP
Slack Slack GET USER INFO
Slack Slack GET CHANNEL LIST
Slack Slack GET USER LIST
Slack Slack SEND MESSAGE TO CHANNEL
Slack Slack POST NOTIFICATION
SLASHNEXT SlashNext SCAN URL
SOCRadar SOCRadar GET INCIDENTS
SOCRadar SOCRadar CHANGE INCIDENT STATUS
SOCRadar SOCRadar PUSH FEEDS TO ELASTIC
SolarWinds SolarWinds  
Sophos Sophos EDL BLOCK URL
Sophos Sophos EDL UNBLOCK URL
Sophos Sophos EDL BLOCK DOMAIN
Sophos Sophos EDL UNBLOCK DOMAIN
Sophos Sophos EDR  ISOLATE DEVICE BY HOSTNAME
Sophos Sophos EDR  UNISOLATE DEVICE BY HOSTNAME
Sophos Sophos EDR  BLOCK HASH
Sophos Sophos EDR  UNBLOCK HASH
Sophos Sophos Firewall BLOCK IP AS SOURCE
Sophos Sophos Firewall UNBLOCK IP AS SOURCE
Sophos Sophos Firewall BLOCK IP AS DESTINATION
Sophos Sophos Firewall UNBLOCK IP AS DESTINATION
Sophos Sophos Firewall BLOCK URL
Sophos Sophos Firewall UNBLOCK URL
Splunk Splunk Enterprise GET CUSTOM ALERTS
Splunk Splunk Enterprise QUERY EVENTS LAST 24 HOURS
Splunk Splunk Enterprise QUERY DOMAIN EVENTS LAST 24 HOURS
Splunk Splunk Enterprise QUERY IP EVENTS LAST 24 HOURS
Splunk Splunk Enterprise QUERY HOSTNAME EVENTS LAST 24 HOURS
Splunk Splunk Enterprise QUERY USER EVENTS LAST 24 HOURS
Splunk Splunk Enterprise QUERY HASH EVENTS LAST 24 HOURS
Splunk Splunk Enterprise INGEST EVENTS
Splunk Splunk EDL UNBLOCK URL
Splunk Splunk EDL BLOCK HASH
Splunk Splunk EDL UNBLOCK HASH
SSH SSH GET NETWORK CONECTIONS
SSH SSH GET SESSIONS
SSH SSH GET STORAGE
SSH SSH GET PROCESS
SSH SSH CHECK CONNECTIVITY
Sumo Logic Sumo Logic CIP GET EVENTS FOR LAST 15 MINUTES
Sumo Logic Sumo Logic CSE POST COMMENTS
Sumo Logic Sumo Logic CSE GET COMMENTS
Sumo Logic Sumo Logic CSE CHANGE STATUS OF INSIGHT
Sumo Logic Sumo Logic CSE GET INSIGHT ENRICHMENT
Sumo Logic Sumo Logic CSE GET INSIGHTS
Sumo Logic Sumo Logic CSE GET RULE DETAILS
Sumo Logic Sumo Logic CSE GET SIGNAL ENRICHMENT
Sumo Logic Sumo Logic CSE GET SIGNALS
Sumo Logic Sumo Logic CSE GET SIGNAL DETAILS
SWIFT SWIFT-ISAC GET FEEDS
Symantec Symantec EDR GET INCIDENTS
Symantec Symantec EDR MARK INCIDENT AS CLOSED
Symantec Symantec EDR UPDATE INCIDENT RESOLUTION
Symantec Symantec EDR ADD IP TO ALLOWLIST
Symantec Symantec EDR ADD DOMAIN TO ALLOWLIST
Symantec Symantec EDR ADD URL TO ALLOWLIST
Symantec Symantec EDR ADD HASH TO ALLOWLIST
Symantec Symantec EDR ADD IP TO BLACKLIST
Symantec Symantec EDR ADD DOMAIN TO BLACKLIST
Symantec Symantec EDR ADD URL TO BLACKLIST
Symantec Symantec EDR ADD HASH TO BLACKLIST
Symantec Symantec EDR ADD IP TO DENYLIST
Symantec Symantec EDR ADD DOMAIN TO DENYLIST
Symantec Symantec EDR ADD URL TO DENYLIST
Symantec Symantec EDR ADD HASH TO DENYLIST
Symantec Symantec EDR REMOVE IP FROM BLACKLIST
Symantec Symantec EDR REMOVE DOMAIN FROM BLACKLIST
Symantec Symantec EDR REMOVE URL FROM BLACKLIST
Symantec Symantec EDR REMOVE HASH FROM BLACKLIST
Symantec Symantec EDR REMOVE IP FROM DENYLIST
Symantec Symantec EDR REMOVE DOMAIN FROM DENYLIST
Symantec Symantec EDR REMOVE URL FROM DENYLIST
Symantec Symantec EDR REMOVE HASH FROM DENYLIST
Symantec Symantec™ Messaging Gateway BLOCK EMAIL
Symantec Symantec™ Messaging Gateway GET PHISHING EMAILS
Symantec Symantec™ Messaging Gateway UNBLOCK EMAIL
Symantec Symantec™ Messaging Gateway BLOCK DOMAIN
Symantec Symantec™ Messaging Gateway UNBLOCK DOMAIN
Synacor Zimbra PARSE FSISAC EMAILS
Synacor Zimbra PARSE PHISHING EMAILS
Synacor Zimbra PARSE JSON FORMAT EMAILS
Synacor Zimbra PARSE NCR EMAILS
Tenable Tenable IO GET SCAN REPORTS
Tenable Tenable IO GET POLICIES
Tenable Tenable IO INITIATE SCAN
Tenable Tenable IO INITIATE SCAN
Tenable Tenable IO FETCH ASSETS
Tenable Tenable SC GET SCAN REPORTS
Tenable Tenable SC INITIATE SCAN
Tenable Tenable SC GET POLICIES
The Register The Register GET FEEDS
Threat Intelligence Platform Threat Intelligence API GET DOMAIN REPUTATION
Threat Intelligence Platform Threat Intelligence API CHECK DOMAIN SSL INFO
Threat Intelligence Platform Threat Intelligence API GET DOMAIN INFRASTRUCTURE
Threat Intelligence Platform Threat Intelligence API CHECK DOMAIN FOR MALWARE
Threat Intelligence Platform Threat Intelligence API GET CONNECTED DOMAINS
Threat Intelligence Platform Threat Intelligence API GET DOMAIN SSL CHAIN INFO
ThreatCrowd ThreatCrowd GET DOMAIN INFO
ThreatCrowd ThreatCrowd GET EMAIL INFO
ThreatCrowd ThreatCrowd GET HASH INFO
ThreatCrowd ThreatCrowd GET IP INFO
ThreatMiner ThreatMiner GET DOMAIN INFO
ThreatMiner ThreatMiner GET HASH INFO
ThreatMiner ThreatMiner GET IP INFO
ThreatQ ThreatQ PUSH IP
ThreatQ ThreatQ PUSH Domain
ThreatQ ThreatQ PUSH URL
ThreatQ ThreatQ PUSH HASH
ThreatQ ThreatQ GET HASH REPUTATION
ThreatQ ThreatQ GET DOMAIN REPUTATION
ThreatQ ThreatQ GET IP REPUTATION
ThreatQ ThreatQ GET URL REPUTATION
Trend Micro Apex Central UPLOAD YARA FILE
Trend Micro Apex Central RESTORE AGENT
Trend Micro Apex Central LIST YARA FILES
Trend Micro Apex Central GET LIST SERVERS
Trend Micro Apex Central GET LIST ALL AGENTS
Trend Micro Apex Central ISOLATE AGENT
Trend Micro Apex Central GET SPECIFIC AGENT
Trend Micro Apex Central CREATE SCAN
Trend Micro Apex Central ADD URL TO UDSO LIST AS BLOCK
Trend Micro Apex Central ADD IP TO UDSO LIST AS BLOCK
Trend Micro Apex Central ADD HASH TO UDSO LIST AS BLOCK
Trend Micro Apex Central ADD DOMAIN TO UDSO LIST AS BLOCK
Trend Micro Apex Central REMOVE URL FROM UDSO LIST
Trend Micro Apex Central REMOVE DOMAIN FROM UDSO LIST
Trend Micro Apex Central REMOVE HASH FROM UDSO LIST
Trend Micro Apex Central REMOVE IP FROM UDSO LIST
Trend Micro Apex Central ADD URL TO UDSO LIST AS LOG
Trend Micro Apex Central ADD IP TO UDSO LIST AS LOG
Trend Micro Apex Central ADD HASH TO UDSO LIST AS LOG
Trend Micro Apex Central ADD DOMAIN TO UDSO LIST AS LOG
Trend Micro Cloud App Security DELETE EMAIL BY SOURCE DOMAIN
Trend Micro Cloud App Security DELETE EMAIL BY URL
Trend Micro Cloud App Security DISABLE USER ACCOUNT
Trend Micro Cloud App Security ENABLE USER ACCOUNT
Trend Micro Cloud App Security SWEEP EMAIL BY SHA1
Trend Micro Cloud App Security SWEEP EMAIL BY SUBJECT
Trend Micro Cloud App Security SWEEP EMAIL BY SHA256
Trend Micro Cloud App Security SWEEP EMAIL BY FILENAME
Trend Micro Cloud App Security SWEEP EMAIL BY FILE EXTENSION
Trend Micro Cloud App Security SWEEP EMAIL BY SENDER
Trend Micro Cloud App Security SWEEP EMAIL BY RECIPIENTS
Trend Micro Cloud App Security SWEEP EMAIL BY SOURCE IP
Trend Micro Cloud App Security SWEEP EMAIL BY SOURCE DOMAIN
Trend Micro Cloud App Security RESET PASSWORD
Trend Micro Cloud App Security UNBLOCK HASH
Trend Micro Cloud App Security UNBLOCK SENDER
Trend Micro Cloud App Security UNBLOCK URL
Trend Micro Cloud App Security SWEEP EMAIL BY URL
Trend Micro Cloud App Security QUARANTINE EMAIL BY SHA1
Trend Micro Cloud App Security QUARANTINE EMAIL BY SUBJECT
Trend Micro Cloud App Security QUARANTINE EMAIL BY SHA256
Trend Micro Cloud App Security QUARANTINE EMAIL BY FILENAME
Trend Micro Cloud App Security QUARANTINE EMAIL BY EXTENSION
Trend Micro Cloud App Security QUARANTINE EMAIL BY SENDER
Trend Micro Cloud App Security QUARANTINE EMAIL BY RECIPIENTS
Trend Micro Cloud App Security QUARANTINE EMAIL BY SOURCE IP
Trend Micro Cloud App Security QUARANTINE EMAIL BY DOMAIN
Trend Micro Cloud App Security QUARANTINE EMAIL BY URL
Trend Micro Contol Manager GET CUSTOM ALERTS
Trend Micro Deep Discovery Director GET CUSTOM ALERTS
Trend Micro Deep Security ADD IP TO DESTINATION LIST
Trend Micro Deep Security ADD IP TO SOURCE LIST
Trend Micro Deep Security REMOVE IP FROM DESTINATION LIST
Trend Micro Deep Security REMOVE IP FROM SOURCE LIST
Trend Micro TippingPoint BLOCK IP
Trend Micro TippingPoint UNBLOCK IP
Trend Micro Vision One GET ALERTS
Trend Micro Vision One PUSH IP TO BLOCK
Trend Micro Vision One PUSH DOMAIN TO BLOCK
Trend Micro Vision One PUSH URL TO BLOCK
Trend Micro Vision One PUSH HASH TO BLOCK
Trend Micro Vision One PUSH EMAIL TO BLOCK
Trend Micro Vision One GET FILE REPORT
Trend Micro Vision One PUSH IP TO LOG
Trend Micro Vision One PUSH DOMAIN TO LOG
Trend Micro Vision One PUSH URL TO LOG
Trend Micro Vision One PUSH HASH TO LOG
Trend Micro Vision One PUSH EMAIL TO LOG
Trellix Trellix GET ALERTS
Virus Bulletin Virus Bulletin GET FEEDS
Virus Total Virus Total GET HASH INFO
Virus Total Virus Total GET IP INFO
Virus Total Virus Total GET DOMAIN INFO
Virus Total Virus Total GET URL INFO
Virus Total Virus Total GET FILE REPORT
VMWare Carbon Black Cloud ADD HASH TO BLACKLIST
VMWare Carbon Black Cloud REMOVE HASH FROM BLACKLIST
VMWare Carbon Black Cloud GET ALERTS
VMWare Carbon Black EDR BLOCK HASH
VMWare Carbon Black EDR GET ALERTS
VMWare Carbon Black EDR GET PROCESS INFO FOR SEGMENT
VMWare Carbon Black EDR GET PROCESS INFO
VMWare VSphere GET ALL VM MACHINES
VMWare VSphere TURN ON VM
VMWare VSphere TURN OFF VM
VMWare VSphere REVERT VM TO SNAPSHOT
VMWare VSphere TAKE VM SNAPSHOT
VMWare VSphere SUSPEND VM
VMWare VSphere GET VM INFO
VulDB VulDB GET CVE DETAILS
Wayback Machine Wayback Machine GET DOMAIN ARCHIVES
Wazuh Wazuh GET MITRE INFO
Whatismybrowser WhatIsMyBrowser GET USER AGENT INFO
WhoisXML WhoisXML GET URL WHOIS INFO
WhoisXML WhoisXML GET DOMAIN REPUTATION
WhoisXML WhoisXML CHECK EMAIL ADDRESS
WhoisXML WhoisXML GET DOMAIN INFO
WhoisXML WhoisXML GET IP GEOLOCATION
Zendesk Zendesk CREATE TICKET ON ZENDESK
Zendesk Zendesk POST COMMENTS
Zendesk Zendesk GET COMMENTS
Zendesk Zendesk UPDATE TICKET ON ZENDESK
Zoho Zoho Desk PUSH TICKET TO ZOHO
Zoho Zoho Desk GET COMMENTS
Zoho Zoho Desk GET TICKETS
Zoho Zoho Desk POST COMMENTS
Zoho Zoho Desk CLOSE TICKET ON ZOHO
Zscaler Zscaler GET BLACKLIST OF IP URLS
Zscaler Zscaler GET WHITELIST OF IP URLS
Zscaler Zscaler LOOKUP URL CATEGORY
Zscaler Zscaler LOOKUP IP CATEGORY
Zscaler Zscaler ADD URL TO BLACKLIST
Zscaler Zscaler REMOVE URL FROM BLACKLIST
Zscaler Zscaler ADD IP TO BLACKLIST
Zscaler Zscaler REMOVE IP FROM BLACKLIST
Zscaler Zscaler ADD URL TO WHITELIST
Zscaler Zscaler ADD IP TO WHITELIST
Zscaler Zscaler REMOVE URL FROM WHITELIST
Zscaler Zscaler REMOVE IP FROM WHITELIST

Start automating your use cases today