ThreatConnect Marketplace
  • Apps
  • Playbooks
  • Apps
  • Playbooks
Home » Apps Overview » BlackBerry Optics
Back to Apps
Related Resources
  • BlackBerry - Blog"
  • Blackberry - Solutions Brief

Categories:
  • Endpoint Detection and Response
Built by

ThreatConnect

BlackBerry Optics

The ThreatConnect integration with BlackBerry Optics enables automated investigation and response actions to be taken in real time. With the Playbook app, you’re provided a powerful set of actions that can be leveraged within a larger security workflow orchestration or even a simple automation. Immediate actions can be taken to investigate, stop, and remediate potential threats at the endpoint based on external threat intelligence. The following actions are available within the Playbook app:

  • Get Detections
  • Update Detections
  • Get Recent Device
  • Get Recent Detections
  • Get Detections CSV
  • Lockdown Device
  • Request File Retrieval Status from Device
  • Check File Retrieval Status from Device
  • Get Retrieved File Result

With the Service app, you can interact with BlackBerry Optics in a similar fashion to the Get Detection action in the respective playbook except on a polling schedule. Service app inputs are:

  • Poll Interval – The frequency in minutes to check for detections.
  • Max Historical Poll Start – Upon activation, the first poll will be conducted after the completion of the first Poll Interval period. On future runs, if the time of last run is greater than the poll interval the app will only retrieve data as far back as the input value for this field.
  • Severity – The severity value to use for the search.
  • Device – The device name associated with the detection record.
  • Detection Type Filter – This filters on the Detection Description field
  • Service Endpoint – The endpoint for the set of BlackBerry servers to which your Organization belongs.
  • Tenant ID – The BlackBerry Optics tenant ID. This information is found on the Optics Integrations page.
  • Application ID – The BlackBerry Optics application ID.
  • Application Secret Key – The BlackBerry Optics application secret key.

This listing can be found in the ThreatConnect App Catalog under the name: BlackBerry Optics (Playbook), BlackBerry Optics Service (Custom Trigger)

Related Apps

Cybereason
Endpoint Detection and Response

With the Cybereason  integration, customers  have the ability to query both types of malops, isolate suspicious activities,...

SentinelOne
Endpoint Detection and Response

With the SentinelOne integration, users  have the ability to interact with agents, threats, hashes, exclusions and blocklist...

CarbonBlack Playbook
Endpoint Detection and Response

This Playbook template will allow you to deploy a Yara rule to Carbon Black's Yara Manager.

Developers

  • Knowledge Base
  • Training Site

Company

  • ThreatConnect
  • Contact Us
  • Blog
  • Twitter
  • Facebook
  • Linkedin

© Copyright - ThreatConnect Marketplace
Scroll to top