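Cyware provides threat intelligence management, security collaboration, and orchestrated response solutions. Cyware Respond is an end-to-end incident management and threat response automation platform. You can use the Cyware Respond plugin with Microsoft Security Copilot to find specific types of incidents, actions, applications, critical software assets, malware, vulnerabilities, and more.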


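This article contains information about third-party plugins. It is provided to help complete integration scenarios. However, Microsoft does not provide troubleshooting support for third-party plugins. Contact the third-party vendor for support.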


Integration with Security Copilot requires an API key. Complete the following steps before using the plugin.

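  1. Get a Cyware Respond API key. If you don't have one yet, follow these steps:

    1. Go to the Cyware website and create an account.

    2. Go to the Admin panel, and then go to Open API.

    3. Create a new set of OpenAPI credentials.

    4. Copy the generated OpenAPI token.

  2. Sign in to Microsoft Security Copilot.

  3. Access Manage Plugins by selecting the Plugin button from the prompt bar.

  4. Next to Cyware Respond, select Set up.

  5. Provide the Cyware Respond instance URL and API token.

  6. Select Save and test. Then select Save.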

Sample Cyware Respond prompts

After the Cyware Respond plugin is configured, you can use it by typing Cyware Respond actions in the Security Copilot prompt bar. The following table lists several examples to try:

| Capability | Example prompts |
| --- | --- |
| Query incidents | "Search for incidents related to 'ransomware' in Cyware Respond." |
| | "Find incidents mentioning 'data breach' in Cyware Respond." |
| Retrieve incident details | "Get details for the above incident from Cyware Respond." |
| | "Show more information about the incident in Cyware Respond with UUID <uuid>." |
| Query actions | "Look up actions tagged with 'isolate' from this week in Cyware Respond." |
| | "Find all 'network scan' actions performed yesterday in Cyware Respond." |
| Action details | "Retrieve details of the last action we discussed from Cyware Respond." |
| | "Can you provide more info on the previously mentioned action in Cyware Respond?" |
| Query applications | "Search for applications with 'firewall' in their name in Cyware Respond." |
| | "Find security tools updated recently in Cyware Respond." |
| Application details | "Get details for the above application from Cyware Respond." |
| | "Show configuration details for the previously discussed security application in Cyware Respond." |
| Query software assets | "List critical software assets in Cyware Respond." |
| | "Search for software needing updates in Cyware Respond." |
| Software details | "Provide details for the last mentioned software asset in Cyware Respond." |
| | "Can you fetch the version info of the software we talked about earlier in Cyware Respond?" |
| Query campaigns | "Find all active campaigns related to 'phishing' in Cyware Respond." |
| | "Search for recent campaigns targeting remote employees in Cyware Respond." |
| Campaign details | "Get campaign details for the previously mentioned campaign in Cyware Respond." |
| | "Show more details about that cyber threat campaign from Cyware Respond." |
| Query threat intel | "Search for threat intel on 'DDoS attacks' in Cyware Respond." |
| | "Retrieve updates on 'APT groups' from this week in Cyware Respond." |
| Threat intel details | "Show details of the last threat intel we discussed in Cyware Respond." |
| | "Can you provide more info on the threat actor mentioned earlier in Cyware Respond?" |
| Query malware | "Find all malware detections from the past week in Cyware Respond." |
| | "Search for 'spyware' detections in the marketing department in Cyware Respond." |
| Malware details | "Give me the details of the previously mentioned malware in Cyware Respond." |
| | "I need more information on that 'ransomware' we identified in Cyware Respond." |
| Query vulnerabilities | "Search for high-severity vulnerabilities in Cyware Respond." |
| | "List all vulnerabilities discovered in the network infrastructure in Cyware Respond." |
| Vulnerability details | "Get details of the vulnerability we discussed last time in Cyware Respond." |
| | "Show mitigation steps for the above-mentioned vulnerability in Cyware Respond." |

Troubleshoot the Cyware plugin


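If you encounter errors (such as "Couldn't complete your request" or "An unknown error occurred"), make sure the plugin is turned on. If the problem persists, sign out of Security Copilot, and then sign back in.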




To provide feedback, contact Cyware.


