Proofpoint Forensics Lookup

[typonino]

Request Type

Analyzer

Description

Hello,
I have created an analyzer for Proofpoint Forensics lookup. Proofpoint API is available to proofpoint customers and allows for searching url, file, or hash.
This cortex analyzer allows to search for known ioc against proofpoint forensics.

Possible Solutions

proofpoint forensics description: https://help.proofpoint.com/Threat_Insight_Dashboard/API_Documentation/Forensics_API

[saadkadhi]

Hi @typonino. Thank you for this new contribution. Can you please submit a PR for the analyzer (or analyzers/analyzer flavors if you separated file analysis from URL/hash) against develop so we can review it and add it to the repo?

[typonino]

hello Saad,
I have added new pull Request "Proofpoint Threat Insight Lookup #120" based on dev branch.
Let me know if it's ok like this.

Regards,

[nadouani]

Hello @typonino I think that you deleted the PR (#120)

[typonino]

Hello @nadouani ,

i'm newbie in github. I have tried to create different branch for different analyzers.
I have removed and create new branch for each analyzer.
For this one, you can find the information here

When creating pull request, it is sent to my repo not yours. I think i have still missed a step again :)
If you can help me on this, i would appreicate !

Regards,

[nadouani]

OK, you need to submit the PR again on the main Cortex-Analyzers repository.

Note that we are notified for any submitted PR, or comment on any issue, so we are aware of the cool stuff people contribute ;)

Thanks

[nadouani]

you can submit the PR like this https://help.github.com/articles/creating-a-pull-request-from-a-fork/

[typonino]

I get it ! thank you :)

associated pull request is #123

[3c7]

Thanks @typonino!