Warning
Splunkbase Classic has been deprecated and will be deactivated on February 18, 2026.
CylancePROTECT app icon

CylancePROTECT

This app supports the various investigative, containment, and corrective actions on CylancePROTECT

Built by
soar product badge
Latest Version 2.0.7
September 5, 2025
Compatibility
SOAR On-Prem, SOAR Cloud
Platform Version: 8.4, 8.0, 7.2, 7.1, 7.0, 6.4, 6.3, 6.2, 6.1, 6.0, 5.5, 5.4, 5.3
Rating

0

(0)

Log in to rate this app
Support
CylancePROTECT support icon
Splunk Supported connector
Ranking

#23

in Endpoint
This app supports the various investigative, containment, and corrective actions on CylancePROTECT

Supported Actions

  • test connectivity: Validate the asset configuration for connectivity using the supplied configuration
  • list endpoints: List all the endpoints/sensors configured on the device
  • list threats: Get a list of threats on the specific device
  • get system info: Get information about an endpoint
  • hunt file: Hunt a file on the network using the hash
  • get global list: Retrieve the hashes for the given type of list
  • unblock hash: Unblock a file hash
  • block hash: Block a file hash
  • get file: Download a file to the vault
  • get file info: Get information about a file
  • update zone: Update the details of a zone
  • list policies: Get a list of tenant policies
  • list zones: Get a list of tenant zones

Categories

Endpoint

Created By

Splunk LLC

Source Code

GitHub(Opens new window)

Type

connector

Downloads

20,710

Licensing

Splunk General Terms(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing