FortiSOAR Discussions
Anonymous

FortiSOAR's C2 Malware Traffic Response Solution Pack v1.0.1

The C2 Malware Traffic Response Solution Pack offers a suite of playbooks tailored for investigating and countering C2 (Command and Control) attacks. During these attacks, a system compromised by malware establishes a connection with the attacker's server, known as the C2 server, to facilitate ongoing communication. The primary objectives of such attacks include gaining control over the infected system, exfiltrating data, or deploying additional malicious software.
The C2 Malware Traffic Response Solution Pack v1.0.1 release brings a range of enhancements and new features designed to bolster your defenses against Command and Control (C2) attacks.
Key Enhancements

New Playbooks:

  • IP Address - Fortinet FortiGate - Isolate/Block:

    • Introducing a new playbook to fortify your defenses on Fortinet FortiGate firewalls. This playbook empowers you to swiftly isolate or block malicious IP addresses, mitigating potential threats at the network level.
  • Get Related IOCs For An IP:

    • A valuable addition to your investigative toolkit, this playbook allows you to search for known Indicators of Compromise (IOCs) related to a specific malicious IP address. Strengthen your threat intelligence and proactively respond to evolving cyber threats.

 
