CyberSixgill Enrichment Block for SE
As promised, we are sending you the winning blocks from the Community Challenge. So, we’ll start with the 3rd place winning block created by Dor Gosher from Cybersixgill.
Dor sent us an enrichment block that’s super easy for you to use.
The problem the block tries to solve:
Incident response activities often include repetitive tasks based on fragmented or insufficient information. Irrelevant alerts cause fatigue, and disparate tools for different tasks pile up - SOC analysts can find it very difficult to keep up.
The solution the block offers:
Automate indicator enrichment through Siemplify playbooks. These playbooks harness Darkfeed’s IOCs to trigger and execute actions across the entire security stack. As a result, analysts gain total visibility in a single pane of glass.
Are you interested in trying it out? Here it is.
Just import it to your Siemplify environment through the Use Case module.