Malware detonation sandbox | Integrate#

Integrate at least one malware detonation vendor for malware detonations.

Requirements#

  • Vendors may require a subscription or available usage tokens in order for you to integrate with them and send them payloads for detonation.

Configure detonation vendor#

  1. From the left sidebar, go to Data configuration icon Data configuration > Detonation vendors.

  2. From the list of vendors, select the vendor you’d like to configure.

  3. (Optional) Edit the Description.

  4. From the Observable types drop-down menu, select the file types you’d like to send to this vendor.
    No all vendors accept all file types. The list here is limited to the file types accepted by the vendor.

  5. Check the Enabled box to be able to use the vendor after configuring it.

  6. Under Parameters, enter your credentials for the vendor you are configuring.

  7. (Optional) If required, check the SSL verification box and enter the Path to SSL certificate file.

  8. Save your changes.

Create detonations

With one or more vendors integrated, you can create malware detonations.