Fortinet Document Library

FortiSOAR SOC Simulator

1.0.0

About the connector

The FortiSOAR SOC Simulator connector is a special type of connector that is used to simulate a SOC environment. It creates various scenario-based artifacts, such as alerts and incidents, in FortiSOAR™. You can use this connector to import various scenarios and learn how FortiSOAR™ works and how it handles various types of attacks on your environment using both automated and manual methods.

Version information

Connector Version: 1.0.0

Authored By: Community

Certified: No

Installing the connector

From FortiSOAR™ 5.0.0 onwards, use the Connector Store to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command to install connectors. Connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and run the yum command as a root user to install connectors:

yum install cyops-connector-fortisoar-soc-simulator

Configuring the connector

For the procedure to configure a connector, click here.

Configuration parameters

In FortiSOAR™, on the Connectors page, click the FortiSOAR SOC Simulator connector row (if you are in the Grid view on the Connectors page), and in the Configurations tab, enter the required configuration details:

| Parameter | Description |
|---|---|
| Import Scenarios | Select this option to import various scenarios into FortiSOAR™. Scenarios include creating various types of artifacts to simulate what would happen in the real world in case of, for example, a "Brute Force Attempt", a "Phishing Email", a "Compliance Alert", etc. |
| Load Threat Intelligence | Select this option to dynamically update the artifacts created by the scenarios. Choosing this option will dynamically update the field values such as filehash values in a record. |
