Intezer App for Phantom
Intezer About
Intezer has developed novel technology- the only solutions to apply biological immune system concepts to cyber security. Through its ‘DNA mapping’ approach to code, Intezer provides enterprises with unparalleled threat detection that accelerates incident response and eliminates false positives, while protecting against fileless malware, APTs, code tampering and vulnerable software.
Overview
This app provides a three actions that can be used in Phantom cyber
- Detonate file
- Get Report
- File Reputation
Intezer Intezer App for Phantom Requirements
Requires Phantom 3.5+
Installation
- Download the latest .tgz from https://github.com/secops4thewin/phintezeranalyze
- Logon to Phantom
- Click Apps
- Click Install Apps
- Select the tgz from Step 1 and click Install
- Click Unconfigured Apps and search for 'Intezer Analyze'
- Click Configure New Asset
- Fill out asset information
- Click Asset Settings, Enter API
- Click Save
- Click Test Connectivity
Release Notes
- 1.0.0 Initial release with API functionality
- 1.1.0 Replaced code inline with best practices