Fortinet black logo

Phishme Intelligence

Home FortiSOAR Connectors Phishme Intelligence

Phishme Intelligence v.1.0.0

1.0.0
1.0.0
Copy Link
Copy Doc ID 0b6e5db4-5927-4dd7-bbb4-866c47a6a6c8:1

About the connector

PhishMe Intelligence is a service that delivers Timely, Accurate, Relevant, and Actionable information about phishing threats.

This document provides information about the Phishme Intelligence connector, which facilitates automated interactions with Phishme Intelligence using FortiSOAR™ playbooks. Add the Phishme Intelligence connector as a step in FortiSOAR™ playbooks and perform automated operations, such as retrieving a a threat report from Phishme Intelligence and hunting a specified IP address, URL, domain, or filehash on Phishme Intelligence.

Version information

Connector Version: 1.0.0

Authored By: Fortinet

Certified: No

Installing the connector

All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:

yum install cyops-connector-phishme-intelligence

For the detailed procedure to install a connector, click here.

Configuring the connector

For the procedure to configure a connector, click here.

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

Function Description Annotation and Category
Hunt URL Hunts for a URL that you have specified on Phishme Intelligence. hunt_url
Investigation
Hunt File Hunts for a file (MD5 value) that you have specified on Phishme Intelligence. hunt_file
Investigation
Hunt IP Hunts for an IP address that you have specified on Phishme Intelligence. hunt_ip
Investigation
Hunt Domain Hunts for a domain name that you have specified on Phishme Intelligence. hunt_domain
Investigation
Get Report Retrieves a threat report from Phishme Intelligence. get_report
Investigation

Included playbooks

The Sample - Phishme Intelligence - 1.0.0 playbook collection comes bundled with the Phishme Intelligence connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Phishme Intelligence connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.

Previous
Next

About the connector

PhishMe Intelligence is a service that delivers Timely, Accurate, Relevant, and Actionable information about phishing threats.

This document provides information about the Phishme Intelligence connector, which facilitates automated interactions with Phishme Intelligence using FortiSOAR™ playbooks. Add the Phishme Intelligence connector as a step in FortiSOAR™ playbooks and perform automated operations, such as retrieving a a threat report from Phishme Intelligence and hunting a specified IP address, URL, domain, or filehash on Phishme Intelligence.

Version information

Connector Version: 1.0.0

Authored By: Fortinet

Certified: No

Installing the connector

All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:

yum install cyops-connector-phishme-intelligence

For the detailed procedure to install a connector, click here.

Configuring the connector

For the procedure to configure a connector, click here.

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

Function Description Annotation and Category
Hunt URL Hunts for a URL that you have specified on Phishme Intelligence. hunt_url
Investigation
Hunt File Hunts for a file (MD5 value) that you have specified on Phishme Intelligence. hunt_file
Investigation
Hunt IP Hunts for an IP address that you have specified on Phishme Intelligence. hunt_ip
Investigation
Hunt Domain Hunts for a domain name that you have specified on Phishme Intelligence. hunt_domain
Investigation
Get Report Retrieves a threat report from Phishme Intelligence. get_report
Investigation

Included playbooks

The Sample - Phishme Intelligence - 1.0.0 playbook collection comes bundled with the Phishme Intelligence connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Phishme Intelligence connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.

Previous
Next