Darktrace for Splunk SOAR app icon

Darktrace for Splunk SOAR

This app integrates with Darktrace to perform investigative and containment actions

Built by
soar product badge
screenshot
screenshot
Latest Version 1.0.8
April 14, 2025
Compatibility
SOAR On-Prem, SOAR Cloud
Platform Version: 8.4, 8.0, 7.2, 7.1, 7.0, 6.4, 6.3, 6.2, 6.1, 6.0, 5.5, 5.4, 5.3
Rating

0

(0)

Log in to rate this app
Support
Darktrace for Splunk SOAR support icon
Developer Supported connector
This app integrates with Darktrace to perform investigative and containment actions

Supported Actions

  • test connectivity: Validate the asset configuration for connectivity using the supplied configuration
  • get device tags: Receive all of the tags that are currently applied to a device
  • get tagged devices: Receive all of the devices that currently have a given tag
  • get breach comments: Receive all comments made on a model breach
  • on poll: Ingests Darktrace model breaches and Cyber AI Analyst investigations
  • get device description: Receive device description for the specified device
  • get device modelbreaches: Receive recent model breaches for the specified device
  • acknowledge breach: Acknowledge a model breach
  • unacknowledge breach: Unacknowledge a model breach
  • post comment: Post a comment to a model breach
  • post tag: Post a tag to a device
  • get breach connections: Receive connections involved in a model breach

Categories

Network Security, SIEM

Created By

SOAR Community

Source Code

darktrace(Opens new window)

Type

connector

Downloads

735

Licensing

Apache License Version 2.0(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing