C1fapp
C1fApp is a threat feed aggregation application, providing a single feed, both Open Source and private.
Connect C1fapp with Devo SOAR
Navigate to Automations > Integrations.
Search for C1fapp.
Click Details, then the + icon. Enter the required information in the following fields.
Label: Enter a connection name.
Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
Remote Agent: Run this integration using the Devo SOAR Remote Agent.
API Key: The API key to connect to the C1fapp.
After you've entered all the details, click Connect.
Actions for C1fapp
Lookup
Lookup whether an IP or a hostname is in the bad guys feed.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
Input Name | Description | Required |
---|---|---|
IP or hostname column | Column name from the parent table with the IPs or hostnames to investigate. | Required |
Release Notes
v2.0.0
- Updated architecture to support IO via filesystemv1.0.8
- Added documentation link in the automation library.