AnsweredAssumed Answered

Fortinet Scripts/Actions

Question asked by Kyle Howson on Feb 19, 2017
Latest reply on Feb 21, 2017 by Christopher Ahearn

Hey,

 

I'm looking to see if anyone has seen or developed any scripts from Netwitness to block IP's on Fortinet firewalls, etc. I am hoping to find some basics of what's needed and how to get started to start automating some of our incident response activities. 

 

Once we get an alert of someone attempting to compromise a web server or even an internal host going to a site hosting Rig Exploit kit, it would be extremely valuable and efficient to be able to right click on an IP and have actions taken on the firewalls to prevent further malicious activity.

 

Thank you for your help.

Outcomes