Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt

Use this file to discover all available pages before exploring further.

Pull detailed attributes about individual threats observed in their environment. For more information, visit the Proofpoint TAP documentation
External DocumentationTo learn more, visit the Proofpoint TAP documentation.

Parameters

ParameterDescription
Threat IDThe threat unique identifier. Can be retrieved from the ‘List Events Of All Known Threats’. Or the URL suffix of the TAP Dashboard Threat Detail page.

Example Output

{
	"id": "029bef505d5de699740a1814cba0b6abb685f46d053dea79fd95ba6769e40a6f",
	"identifiedAt": "2020-07-21T15:30:10.000Z",
	"name": "029bef505d5de699740a1814cba0b6abb685f46d053dea79fd95ba6769e40a6f",
	"type": "attachment",
	"category": "malware",
	"status": "active",
	"severity": 20,
	"attackSpread": 62,
	"notable": false,
	"verticals": false,
	"geographies": false,
	"actors": [
		{
			"id": "6e3b86b0-a823-4ed6-8d75-db4d7ead43ba",
			"name": "TA505"
		}
	],
	"families": [
		{
			"id": "cfd29eb5-544f-4ef4-920c-7c4e428931e0",
			"name": "Banking"
		}
	],
	"malware": [
		{
			"id": "8faf65ef-0524-45e0-a036-d1b6e261825c",
			"name": "Ursnif"
		}
	],
	"techniques": [
		{
			"id": "accc60d8-4426-4ba2-b2f5-f9ec2eb4685b",
			"name": "XL4 macros"
		}
	],
	"brands": [
		{
			"id": "acasd60d8-4426-4ba2-b2f5-f9ec2eb4685b",
			"name": "DocuSign"
		}
	]
}

Workflow Library Example

Get Threat Details with Proofpoint Tap and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop