Fortinet black logo

SafeBreach

Home FortiSOAR Connectors SafeBreach

SafeBreach v1.0.0

1.0.0
1.0.0
Copy Link
Copy Doc ID 667f17cc-cc5b-4242-a4c2-b6114f4a04f7:1

About the connector

SafeBreach simulates attacks across the kill chain, to validate security policy, configuration, and effectiveness.

This document provides information about the SafeBreach connector, which facilitates automated interactions with a SafeBreach server using FortiSOAR™ playbooks. Use this connector to get a simulation from SafeBreach and rerun the simulation on your system.

Version information

Connector Version: 1.0.0

Authored By: Fortinet

Certified: No

Installing the connector

All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:

yum install cyops-connector-safebreach

For the detailed procedure to install a connector, click here.

Configuring the connector

For the procedure to configure a connector, click here.

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

Function Description Annotation and Category
Rerun Simulation Reruns the simulation based on the specified command. rerun_simulation
Investigation
Get Simulation Retrieves the breach simulation result. get_simulation
Investigation

Included playbooks

The Sample - SafeBreach - 1.0.0 playbook collection comes bundled with the SafeBreach connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the SafeBreach connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.

Previous
Next

About the connector

SafeBreach simulates attacks across the kill chain, to validate security policy, configuration, and effectiveness.

This document provides information about the SafeBreach connector, which facilitates automated interactions with a SafeBreach server using FortiSOAR™ playbooks. Use this connector to get a simulation from SafeBreach and rerun the simulation on your system.

Version information

Connector Version: 1.0.0

Authored By: Fortinet

Certified: No

Installing the connector

All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:

yum install cyops-connector-safebreach

For the detailed procedure to install a connector, click here.

Configuring the connector

For the procedure to configure a connector, click here.

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:

Function Description Annotation and Category
Rerun Simulation Reruns the simulation based on the specified command. rerun_simulation
Investigation
Get Simulation Retrieves the breach simulation result. get_simulation
Investigation

Included playbooks

The Sample - SafeBreach - 1.0.0 playbook collection comes bundled with the SafeBreach connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the SafeBreach connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.

Previous
Next