ReversingLabs
Important
Some information in this article relates to a prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
ReversingLabs provides empowers SOC teams to understand the file-based threats in an environment. Analysts can use Copilot for Security to summarize complex file reputation information and file analysis reports for quicker triage and response time.
Note
This article contains information about third-party plugins. This is provided to help complete integration scenarios. However, Microsoft does not provide troubleshooting support for third-party plugins. Contact the third-party vendor for support.
Know before you begin
Integration with Copilot for Security requires a Spectra Intelligence user account. You'll need to take the following steps before using the plugin.
Get your ReversingLabs user account and password.
Sign in to Microsoft Copilot for Security.
Access Manage Plugins by selecting the Plugin button from the prompt bar.
- If you use, ReversingLabs Spectra Analyze, select "Set Up" to configure and enable it.
- If you use, ReversingLabs Spectra Intelligence, select "Set Up" to configure and enable it.
In the ReversingLabs settings pane, provide your ReversingLabs user account and password.
Save your changes.
Sample ReversingLabs Spectra Intelligence prompts
After the ReversingLabs Spectra Intelligence plugin is configured, you can use it by typing ReversingLabs in your Copilot for Security prompt bar, followed by an action. The following table provides several examples you can try:
| Capability Prompt Suggestion | Description | Example natural language prompt |
|---|---|---|
GetFileHashReputation |
This capability is used to retrieve file hash reputation information. | What is the reputation of hash a6e728c3331f46763f643f7192959716034767e5? |
GetDetailedFileAnalysisResults |
Retrieve additional analysis details for the supplied file hash. | Get the MITRE ATT&CK techniques from the detailed file analysis of a6e728c3331f46763f643f7192959716034767e5. |
GetDynamicAnalysisReport |
Retrieve the full sandbox dynamic analysis report for the supplied file hash. | Get the dynamic analysis report for a6e728c3331f46763f643f7192959716034767e5 and summarize any new network connections created. |
Sample ReversingLabs Spectra Analyze prompts
After the ReversingLabs Spectra Analyze plugin is configured, you can use it by typing ReversingLabs in your Copilot for Security prompt bar, followed by an action. The following table provides several examples you can try:
| Capability Prompt Suggestion | Description | Example natural language prompt |
|---|---|---|
GetFileClassification |
This capability is used to retrieve file hash classification information from a Spectra Analyze appliance. | What is the classification of hash a6e728c3331f46763f643f7192959716034767e5? |
GetTiCoreReport |
Retrieve the TitanumCore analysis report for the provided file hash from a Spectra Analyze appliance. | Get the TiCore report for hash a6e728c3331f46763f643f7192959716034767e5 |
Frequently Asked Questions (FAQ)
Why are prompts failing to invoke ReversingLabs?
If prompts fail to invoke, make sure you're using a supported prompt (see the preceding examples). Otherwise, invoke ReversingLabs directing by using /.
Why are prompts failing to return data?
If prompts fail to return data, check your Spectra Intelligence usage limits.
Provide feedback
To provide feedback, contact ReversingLabs.