Energy SOAR User Guide
- Integrations
- Responders
- AMPforEndpoints
- AzureTokenRevoker
- CheckPoint
- CheckPointBlockIP
- CheckPointUnblockIP
- DNS-RPZ
- DomainToolsIris_AddRiskyDNSTag
- DomainToolsIris_CheckMaliciousTags
- Duo_Security
- Eset
- FalconCustomIOC
- FortiMailBlockRecipient
- FortiMailBlockSender
- FortiMailConnectionTest
- FortiMailUnblockRecipient
- FortiMailUnblockSender
- Gmail
- KnowBe4
- LDAP
- MSDefenderEndpoints
- MSDefenderOffice365
- MailIncidentStatus
- Mailer
- Minemeld
- PaloAltoCortexXDR
- PaloAltoNGFW
- PaloAltoNGFW_block_external_IP_address
- PaloAltoNGFW_block_external_domain
- PaloAltoNGFW_block_external_user
- PaloAltoNGFW_block_internal_IP_address
- PaloAltoNGFW_block_internal_domain
- PaloAltoNGFW_block_internal_user
- PaloAltoNGFW_block_port_for_external_communication
- PaloAltoNGFW_block_port_for_internal_communication
- PaloAltoNGFW_unblock_external_IP_address
- PaloAltoNGFW_unblock_external_domain
- PaloAltoNGFW_unblock_external_user
- PaloAltoNGFW_unblock_internal_IP_address
- PaloAltoNGFW_unblock_internal_domain
- PaloAltoNGFW_unblock_internal_user
- PaloAltoNGFW_unblock_port_for_external_communication
- PaloAltoNGFW_unblock_port_for_internal_communication
- QRadarAutoClose
- RT4
- Redmine
- RiskIQ
- RunWorkflow
- SEPBlockHash
- SEPQuarantineHost
- SEPUnblockHash
- SEPUnquarantineHost
- SMGBlockDomain
- SMGBlockEmail
- SMGBlockIP
- SMGUnblockDomain
- SMGUnblockEmail
- SMGUnblockIP
- SendGrid
- SentinelOne
- SentinelOne
- Shuffle
- UmbrellaBlacklister
- Velociraptor
- VirustotalDownloader
- Wazuh
- ZEROFOX_Close_alert
- ZEROFOX_Takedown_request
- Analyzers
- AbuseIPDB
- Abuse_Finder
- AnyRun
- Autofocus
- BackscatterIO
- BitcoinAbuse
- C1fApp
- CERTatPassiveDNS
- CIRCLHashlookup
- CIRCLPassiveDNS
- CIRCLPassiveSSL
- CISMCAP
- Censys
- CheckPhish
- ClamAV
- Crowdsec
- Crtsh
- CuckooSandbox
- CyberChef
- CyberCrime-Tracker
- Cyberprotect
- Cylance
- Cylance hashlookup
- FAQ
- DNSDB
- DNSLookingglass
- DNSSinkhole
- DShield
- Diario
- DomainMailSPFDMARC
- DomainTools
- DomainToolsIris
- EchoTrail
- Elasticsearch
- EmailRep
- EmergingThreats
- EmlParser
- EnrichmentEngine
- FalconSandbox
- FileInfo
- FireEyeiSight
- FireHOLBlocklists
- ForcepointWebsensePing
- Fortiguard
- GRR
- GoogleDNS
- GoogleSafebrowsing
- GoogleVisionAPI
- GreyNoise
- HIBP
- Hashdd
- Hippocampe
- Hunterio
- HybridAnalysis
- IBMXForce
- IP-API
- IPVoid
- IPinfo
- IVRE
- Inoitsu
- Inoitsu-analyzer
- IntezerCommunity
- Investigate
- JoeSandbox
- KasperskyTIP
- LastInfoSec
- LdapQuery
- MISP
- MISPWarningLists
- Malpedia
- Maltiverse
- MalwareBazaar
- MalwareClustering
- Prerequisites:
- Malwares
- MaxMind
- MetaDefender
- MnemonicPDNS
- MsgParser
- NERD
- NSRL
- Nessus
- OTXQuery
- Onyphe
- OpenCTI
- PaloAltoWildFire
- PassiveTotal
- Patrowl
- PayloadSecurity
- PhishTank
- PhishingInitiative
- ProofPoint
- Pulsedive
- RecordedFuture
- RiskIQ
- Robtex
- SEKOIAIntelligenceCenter
- SecurityTrails
- SentinelOne
- Shodan
- SinkDB
- SoltraEdge
- SophosIntelix
- SpamAssassin
- SpamhausDBL
- Splunk
- StamusNetworks
- StaxxSearch
- StopForumSpam
- TalosReputation
- TeamCymruMHR
- ThreatGrid
- ThreatMiner
- ThreatResponse
- Threatcrowd
- Thunderstorm
- TorBlutmagie
- TorProject
- Triage
- Triage Sandbox analyzer
- FAQ
- URLhaus
- Umbrella
- UnshortenLink
- Urlscan.io
- VMRay
- Valhalla
- Verifalia
- VirusTotal
- Virusshare
- Vulners
- WOT
- Yara
- Yeti
- Zscaler
- How to Write and Submit an Analyzer
- Creating Your First Node
- Prerequisites
- Selecting the Node
- Cloning the Repository
- Creating the Node
- Adding the Node to Editor UI
- Creating the UI for the Node
- Resources and Operations
- Adding required fields
- Adding optional fields
- Creating the UI for credentials
- FriendGrid’s credentials
- Mapping the UI fields to the API
- Creating a contact in FriendGrid with n8n
- Processing multiples items
- Output of the FriendGrid node
- Summary
- Energy Logserver SIEM
- Microsoft Exchange
- Responders