Google Threat Intelligence

This guide will use Python to connect to ASM via API to create and/or delete. The script will contain a menu with 3 options List current projects and project ID Create New Project Delete Project Step 1: Import "request" Module & Create Main Function     import requests def main(): try: # Input API key and Secret via api_credentials.json file with open('api_credentials.json', 'r') as file: credentials = json.load(file) api_key = credentials.get('api_key') api_secret = credentials.get('api_secret') except FileNotFoundError: # Error message if api_credentials.json file is not found print("Error: api_credentials.json not found.") exit(1) except json.JSONDecodeError: # Error message if api_credentials.json is not formated correctly print("Error: Unable to parse api_credentials.json.") exit(1)    

The following two examples can be used as a reference for basic calls to the ASM API.   In both examples, the keys are fabricated and shown for the purpose of demonstrating how to correctly set the headers for each call.     curl https://asm-api.advantage.mandiant.com/api/v1/projects -H 'INTRIGUE_ACCESS_KEY: myaccesskey' -H 'INTRIGUE_SECRET_KEY: mysecretkey'     Invoke-WebRequest http://asm-api.advantage.mandiant.com/api/v1/projects -Headers @{'INTRIGUE_ACCESS_KEY' = 'myaccesskey'; 'INTRIGUE_SECRET_KEY' = 'mysecretkey'} -UseBasicParsing          

How to enable SSO on Mandiant?

I'd like to know if ASM SaaS is vulnerable to the following critical vulnerabilities(specifically, if ASM utilizes WS_FTP or Confluence Data Center or Servers)?On September 14, 2023, Progress Software released a security advisory for a remote code execution (RCE) vulnerability in the WinSock File Transfer Protocol (WS_FTP) Server, which Mandiant Intelligence rates as High-risk. The vulnerability tracked as CVE-2023-40044 caused by a flaw in how the WS_FTP Server handles ad-hoc commands, which an attacker can exploit by sending a specially crafted request to the server to execute arbitrary code on the system. (CVSSv3.1 Base 9.8)On October 4, 2023, Atlassian published a security advisory on a critical vulnerability (CVE-2023-22515) in publicly accessible Confluence Data Center and Server instances where an attacker could create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites not affecte

  We are excited to announce the availability of Google Cloud Security Customer Success subscriptions.   Optimize your Google Cloud Security experience to achieve desired business outcomes together with a team of security experts. Choose the right success offering that best fits your organizational objectives and acquired security subscriptions. Standard: Offers digital and self-service resources, including onboarding, subscription walkthroughs, documentation, and access to knowledge base with product trainings. Expert: Offers a designated Customer Success Manager and Technical Solutions Consultants, providing customized success plans, and strategic guidance.

We have a webinar, Living on the Edge: Investigating Ivanti Connect Secure VPN Zero-Day Exploits coming up this Thursday January 18, 2024. It is a free webinar. Click here to sign up.   

Is there a good explanation why some inferred CVEs come without a reference to (MA)TI Threat Intelligence when the vuln exists in MATI Vulns?For instance CVE-2022-36760 had been detected by ASM, but the link to MATI is missing even so so it seems the CVE had been added to MATI early 2023.help please?

Mandiant Attack Surface Management 30-day free trial https://www.mandiant.com/attack-surface-management-free-trial