CYFIRMA

cyfirma is an external threat landscape management platform company offering predictive threat visibility and intelligence capabilities this connector provides the following capabilities get ioc asset setup the cyfirma asset requires an url and an api key to interact with the api configurations api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required key key string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions get ioc this action provides the iocs in stix 1 1 json format endpoint url /core/api ua/threatioc/stix json method get input argument name type required description parameters delta boolean required true will return only the iocs that were added in the platform after the last api call false will return the iocs that were added in the system in the last 24 hours parameters all boolean required true will return all the iocs irrespective of whether it has been linked to the client false will return only those iocs that have been linked to the client input example {"parameters" {"delta"\ true,"all"\ false}} output parameter type description status code number http status code of the response reason string response reason phrase observables object output field observables indicators object output field indicators indicators indicators array output field indicators indicators exploittargets object output field exploittargets incidents object unique identifier coursesofaction object output field coursesofaction campaigns object output field campaigns threatactors object output field threatactors reports object output field reports relatedpackages object output field relatedpackages id string unique identifier idref object unique identifier timestamp string output field timestamp version string output field version stixheader object output field stixheader stixheader title object output field stixheader title stixheader packageintents array output field stixheader packageintents stixheader descriptions array output field stixheader descriptions stixheader descriptions value string value for the parameter stixheader descriptions id object unique identifier stixheader descriptions ordinality object output field stixheader descriptions ordinality stixheader descriptions structuringformat object output field stixheader descriptions structuringformat stixheader shortdescriptions array output field stixheader shortdescriptions output example {"status code" 200,"response headers" {"date" "mon, 30 oct 2023 17 08 47 gmt","content type" "application/json","transfer encoding" "chunked","connection" "keep alive","vary" "origin, access control request method, access control request headers, origin, a ","content encoding" "gzip","expires" "0","cache control" "no cache, no store, max age=0, must revalidate","x xss protection" "1; mode=block, 1; mode=block","pragma" "no cache","x content type options" "nosniff, nosniff","strict transport se response headers header description example cache control directives for caching mechanisms no cache, no store, max age=0, must revalidate cf cache status http response header cf cache status dynamic cf ray http response header cf ray 81e54323fddf9a90 nag connection http response header connection keep alive content encoding http response header content encoding gzip content security policy http response header content security policy default src 'self'; frame src 'self' data ; script src 'self' 'unsafe inline' 'unsafe eval' https //storage googleapis com https //d3js org https //cdn ckeditor com https //www amcharts com https //cdn amcharts com https //d3js org/d3 v4 min js ; style src 'self' 'unsafe inline'; style src elem 'self' 'unsafe inline' https //fonts googleapis com https //www amcharts com https //d3js org https //cdn ckeditor com ; img src 'self' data ; font src 'self' data content type the media type of the resource application/json date the date and time at which the message was originated mon, 30 oct 2023 17 08 47 gmt expires the date/time after which the response is considered stale 0 permissions policy http response header permissions policy camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync xhr=(), accelerometer=(self), ambient light sensor=(self), autoplay=(self), battery=(self), camera=(self), cross origin isolated=(self), display capture=(self), document domain=(self), encrypted media=(self), execution while not rendered=(self), execution while out of viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation override=(self), payment=(self), picture in picture=(self), publickey credentials get=(self), screen wake lock=(self), sync xhr=(self), usb=(self), web share=(self), xr spatial tracking=(self) pragma http response header pragma no cache referrer policy http response header referrer policy strict origin when cross origin server information about the software used by the origin server cloudflare strict transport security http response header strict transport security max age=31536000 ; includesubdomains, max age=63072000; includesubdomains; preload transfer encoding http response header transfer encoding chunked vary http response header vary origin, access control request method, access control request headers, origin, access control request method, access control request headers x content type options http response header x content type options nosniff, nosniff x frame options http response header x frame options deny, deny x xss protection http response header x xss protection 1; mode=block, 1; mode=block