Demisto is a popular Security Orchestration and Automation Response (SOAR) platform. With it, security teams create standardized, automated, and coordinated responses across their entire security product stack. Playbooks that automate common procedures are enabled by thousands of security actions from a large ecosystem of partners make scalable, accelerated incident response a reality.
The Demisto integration includes four actions:
- IP address reputation lookup
- Domain reputation lookup
- File hash reputation lookup
- Related entities for an IP address, domain, or file hash
How to enable the integration
The integration is available directly from Demisto (https://support.demisto.com/hc/en-us/articles/360006572474). Enabling the integration requires a valid Recorded Future API token. Instructions for generating a Recorded Future API token are found on this support page.
For More Information
More information about this integration, including suggested use cases for enrichment and interactive investigation of complex threats, is available on this blog written by Demisto.