Cisco SecureX Integration Workflows Logo
latest

threat response

  • 1. Getting Started
  • 2. Pivot into threat response
  • 3. Queries
  • 4. Refer "Pivot" Actions
  • 5. Response Actions
  • 6. Relay API

Orchestration

  • 1. Getting Started
  • 2. Workflows
  • 3. Logic
  • 4. Events
  • 5. Schedules
  • 6. Import/Export
  • 7. API Documentation
Cisco SecureX Integration Workflows
  • Docs »
  • <no title>
  • Edit on GitHub

Getting Started

  • 1. Getting Started
    • 1.1. Global API Endpoint URLs
    • 1.2. Create API Client in Threat Response UI
    • 1.3. Scopes
    • 1.4. Using API Client Credentials to Get Access Token
    • 1.5. Authentication
    • 1.6. Rate Limits
    • 1.7. API Endpoints

Use Cases

  • 2. Pivot into threat response
    • 2.1. Launch Investigation From URL
    • 2.2. Launch Investigation From a Newly Created Casebook
    • 2.3. Launch Investigation From an Existing Casebook

Queries

  • 3. Queries
    • 3.1. Get Verdicts for an Observable
    • 3.2. Contextualize an Observable

Actions

  • 4. Refer "Pivot" Actions
    • 4.1. Extract Observables
    • 4.2. Refer Observables
    • 4.3. Use Cases
  • 5. Response Actions
    • 5.1. Extract Observables
    • 5.2. Respond Observable

Relay API

  • 6. Relay API
    • 6.1. Requirements
    • 6.2. Good Practices When Possible
Next Previous

© Copyright 2020, Cisco Systems Revision 0da360fe.

Built with Sphinx using a theme provided by Read the Docs.