The file system on the Python environment is designed to wipe itself.
You can store the file to a case as an attachment, or you could utilize a
global context value for the same purpose if a string would suffice to
store the file.
The connector as written is set up to create Alerts for each email and
its attachments and does not have the ability to change to Events per
each email. This is possible by customizing the connector to ingest
multiple emails at a time as events and g...
You can utilize alert grouping rules to group the individual alerts into
a single case. You are also able to define some of the fields that can
then be used for grouping in the connector
configuration. https://cloud.google.com/chronicle/docs/soar/inve...