Add To Blocklist Deep Visibility - Blink Documentation

From Deep Visibility results, add a SHA1 hash to the Blocklist. Set the scope of the Blocklist: Global, Account, Site, or Group. The SHA1 and the agent ID are required (see Deep Visibility > Get Events). Your role must have permissions to change the Blocklist - Admin, IR Team, SOC - and your user scope access must include the scope of the agent.

Parameters

Parameter	Description
Agent ID	Agent that reported the DV event.
Hash	Hash to add to restrictions.
Target Scope	Scope to be used for restrictions.

Example Output

{
	"errors": [
		{
			"type": "object"
		}
	],
	"data": {
		"affected": "integer"
	}
}

Workflow Library Example

Add to Blocklist Deep Visibility with Sentinelone and Send Results Via Email

Preview this Workflow on desktop

Integrations

​Parameters

​Example Output

​Workflow Library Example

Parameters

Example Output

Workflow Library Example