Anomali ThreatStream operationalizes threat intelligence, automating collection and integration, and enabling security teams to analyze and respond to threats.
AlienVaultTI - Powerful Threat Detection, Incident Response & Compliance in One Solution.
Database of API services, mostly focused on threat analysis and threat intelligence, that can be easily integrated anywhere.
AppSheet provides a no-code development platform for application software, which allows users to create mobile, tablet, and web applications using data sources like Google Drive, DropBox, Office 365, and other cloud-based spreadsheet and database platforms.
A set of custom connectors created for Siemplify Community to power up automation capabilities.
A set of utility actions to assist with working with emails. Parsing
A set of enrichment actions created for Siemplify Community to power up playbook capabilities.
A set of file utility actions created for Siemplify Community to power up playbook capabilities.
Alerts and Entities Report
This report provides a look into the most commonly impacted Entities including Address, Destination URLs, Hostnames etc. A snapshot of most impacting Incidents and most impacted entities is provided in detail.
Prerequisites:
1. Should use Incident flag for identifying Incidents in Cases
Analysts Case Load Tracker
This report provides clarity on the workload that each Analyst handles across your Security Operations at any particular time.
Customer Report is a summary dashboard that provides overall visibility across the main aspects of your Security Operations Center coverage.
Prerequisites:
1. Should use Mark as Important flag for identifying Important Cases
2. Should use Incident flag for identifying Incidents
3. SLA should have been defined for Closure of Cases
4. All Non Malicious Cases are considered False Positives in this dashboard
This is a simple, elegant dashboard created for monitoring critical KPIs. It reflects a summary of all Incidents, Resolution Times, SLA targets and more.
Prerequisites:
1. Should use Incident flag for identifying Incidents
2. SLA should have been defined for Closure of Cases
3. Escalated Cases should be identified by a stage Escalated