PaloAltoNetworks / minemeld-wd-atp

MineMeld nodes for MSFT WD ATP API
Apache License 2.0

Severity feature #12

Open dont-poke-the-bear opened 3 years ago

dont-poke-the-bear commented 3 years ago

Description

Add pick-list for MSFT supported severity levels to the output node UI and logic to add the assigned severity value to the API call.

Motivation and Context

Severity in MSFT Defender ATP is useful for triggering alerts and prioritizing actions. Issue #11 https://github.com/PaloAltoNetworks/minemeld-wd-atp/issues/11

How Has This Been Tested?

Installed modified extension on fresh install of MineMeld v0.9.70. Configured output node for tenant and added IOCs to assigned input node. Verified IOCs were successfully imported into MSFT Defender ATP and the severity value was set correctly. Changed severity value in output node UI and reran IOC add test to verify each severity value was successful.

Types of changes

Checklist