Flashpoint

This app implements the investigative actions for the Flashpoint on the Phantom Platform

Supported Actions

• test connectivity: Validate the asset configuration for connectivity using supplied configuration
• list reports: Fetch a list of all the intelligence reports from the Flashpoint Platform
• get report: Fetch a specific intelligence report from the Flashpoint Platform for the provided report ID
• list related reports: Fetch a list of all the related intelligence reports from the Flashpoint Platform for the provided report ID
• get compromised credentials: Fetch a list of all the Credential Sightings from the Flashpoint Platform
• run query: Fetch the data by performing a universal search from the Flashpoint Platform
• list indicators: Fetch a list of IoCs that occur in the context of an event from the Flashpoint Platform
• search indicators: Fetch an IoC value of a specific attribute type from the list of available IoCs on the Flashpoint Platform