CyberSixgill Enrichment Block for SE

TomFridman, Community Team
edited December 2021 in Siemplify Best Practices

As promised, we are sending you the winning blocks from the Community Challenge. So, we’ll start with the 3rd place winning block created by Dor Gosher from Cybersixgill.

Dor sent us an enrichment block that’s super easy for you to use.

The problem the block tries to solve:

Incident response activities often include repetitive tasks based on fragmented or insufficient information. Irrelevant alerts cause fatigue, and disparate tools for different tasks pile up - SOC analysts can find it very difficult to keep up.

The solution the block offers:

Automate indicator enrichment through Siemplify playbooks. These playbooks harness Darkfeed’s IOCs to trigger and execute actions across the entire security stack. As a result, analysts gain total visibility in a single pane of glass.

Are you interested in trying it out? Here it is.

Just import it to your Siemplify environment through the Use Case module.
