This App provides the capability to publish Threat Information from Phantom to the McAfee Data Exchange Layer messaging bus. This App supports the following actions:
- lookup md5 Hash with McAfee Active Response - lookup md5
- push md5 hash into the TIE Database with a reputation score - dxl push md5
- push an event over the McAfee DXL fabric - dxl push ip
- validate the asset configuration for DXL connectivity - test connectivity
More actions will follow.
Phantom is a community powered security automation and orchestration platform.
- 451 Downloads
Updated OpenDXL Client Libraries version 18.104.22.1686 included.
Automated certificate creation process during the test connectivity process.
- 379 Downloads
Version 1.1.0 includes an additional action with MAR. This allows to lookup md5 Hashes with McAfee Active Response.
- 384 Downloads