Hi all,
Anyone here used the integration with Cuckoo Sandbox ?
https://integrations.siemplify.co/doc/cuckoo#detonate-file
I wonder how a file is submitted to the integration in order to be analyzed, looks like it requires a local path to the file, but how exactly does it work ?
Cuckoo Sandbox integration
+7The way we use it is an automatic process, if a file is deemed suspicious, the file is retrieved from the endpoint with a path in the backend as the destination to download the file to. Then, this path is fed to the Symantec CAS integration to pick it up from there after which another action is executed to delete the file on the backend after been picked up successfully for detonation
+7Hi Rachel, I haven't used Cuckoo before but I checked out the integration. I have used Symantec CAS. You provide the path to where the file is on the Siemplify backend and it will be picked up from there by the integration for the analysis.
Login to the community
Login with SSO
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.