Pull detailed attributes about individual threats observed in their environment. For more information, visit the Proofpoint TAP documentation

External Documentation

To learn more, visit the Proofpoint TAP documentation.

Parameters

ParameterDescription
Threat IDThe threat unique identifier. Can be retrieved from the ‘List Events Of All Known Threats’. Or the URL suffix of the TAP Dashboard Threat Detail page.

Example Output

{
	"id": "029bef505d5de699740a1814cba0b6abb685f46d053dea79fd95ba6769e40a6f",
	"identifiedAt": "2020-07-21T15:30:10.000Z",
	"name": "029bef505d5de699740a1814cba0b6abb685f46d053dea79fd95ba6769e40a6f",
	"type": "attachment",
	"category": "malware",
	"status": "active",
	"severity": 20,
	"attackSpread": 62,
	"notable": false,
	"verticals": false,
	"geographies": false,
	"actors": [
		{
			"id": "6e3b86b0-a823-4ed6-8d75-db4d7ead43ba",
			"name": "TA505"
		}
	],
	"families": [
		{
			"id": "cfd29eb5-544f-4ef4-920c-7c4e428931e0",
			"name": "Banking"
		}
	],
	"malware": [
		{
			"id": "8faf65ef-0524-45e0-a036-d1b6e261825c",
			"name": "Ursnif"
		}
	],
	"techniques": [
		{
			"id": "accc60d8-4426-4ba2-b2f5-f9ec2eb4685b",
			"name": "XL4 macros"
		}
	],
	"brands": [
		{
			"id": "acasd60d8-4426-4ba2-b2f5-f9ec2eb4685b",
			"name": "DocuSign"
		}
	]
}

Workflow Library Example

Get Threat Details with Proofpoint Tap and Send Results Via Email

Preview this Workflow on desktop

Pull detailed attributes about individual threats observed in their environment. For more information, visit the Proofpoint TAP documentation

External Documentation

To learn more, visit the Proofpoint TAP documentation.

Parameters

ParameterDescription
Threat IDThe threat unique identifier. Can be retrieved from the ‘List Events Of All Known Threats’. Or the URL suffix of the TAP Dashboard Threat Detail page.

Example Output

{
	"id": "029bef505d5de699740a1814cba0b6abb685f46d053dea79fd95ba6769e40a6f",
	"identifiedAt": "2020-07-21T15:30:10.000Z",
	"name": "029bef505d5de699740a1814cba0b6abb685f46d053dea79fd95ba6769e40a6f",
	"type": "attachment",
	"category": "malware",
	"status": "active",
	"severity": 20,
	"attackSpread": 62,
	"notable": false,
	"verticals": false,
	"geographies": false,
	"actors": [
		{
			"id": "6e3b86b0-a823-4ed6-8d75-db4d7ead43ba",
			"name": "TA505"
		}
	],
	"families": [
		{
			"id": "cfd29eb5-544f-4ef4-920c-7c4e428931e0",
			"name": "Banking"
		}
	],
	"malware": [
		{
			"id": "8faf65ef-0524-45e0-a036-d1b6e261825c",
			"name": "Ursnif"
		}
	],
	"techniques": [
		{
			"id": "accc60d8-4426-4ba2-b2f5-f9ec2eb4685b",
			"name": "XL4 macros"
		}
	],
	"brands": [
		{
			"id": "acasd60d8-4426-4ba2-b2f5-f9ec2eb4685b",
			"name": "DocuSign"
		}
	]
}

Workflow Library Example

Get Threat Details with Proofpoint Tap and Send Results Via Email

Preview this Workflow on desktop