Merge branch 'tapishj/PAPP-35152' of github.com:splunk-soar-connector…

…s/ciscotalosintelligence into tapishj/PAPP-35152
splunk-soar-connectors · Dec 5, 2024 · df7592b · df7592b
2 parents 643ebe2 + 3135d7a
commit df7592b
Showing 1 changed file with 17 additions and 16 deletions.
diff --git a/README.md b/README.md
@@ -4,7 +4,7 @@
 Publisher: Splunk  
 Connector Version: 1.0.1  
 Product Vendor: Cisco  
-Product Name: Talos Cloud Intelligence  
+Product Name: Talos Intelligence  
 Product Version Supported (regex): ".\*"  
 Minimum Product Version: 6.2.2  
 
@@ -24,18 +24,19 @@ This app provides investigative actions for Cisco Talos Intelligence
 [comment]: # "either express or implied. See the License for the specific language governing permissions"
 [comment]: # "and limitations under the License."
 [comment]: # ""
-## Getting a Talos license 
+## Cisco Talos Intelligence license for Splunk SOAR (Cloud)
 
-A request needs to be made to the Talos team. In the configuration window please insert the certificate contents and
-private key separatley.  
+The Cisco Talos Intelligence license is included with your Splunk SOAR (Cloud) license.
 
-## Talos
+## Overview
 
-This app makes use of Ciscos Talos API that specializes in identifying, analyzing, and mitigating cybersecurity threats
+This app uses the Cisco Talos API that specializes in identifying, analyzing, and mitigating cybersecurity threats
+
+For additional details, see the [Cisco Talos Intelligence article](https://docs.splunk.com/Documentation/SOAR/drafts/Playbook/Talos) in the Splunk SOAR documentation.
 
 
 ### Configuration Variables
-The below configuration variables are required for this Connector to operate.  These variables are specified when configuring a Talos Cloud Intelligence asset in SOAR.
+The below configuration variables are required for this Connector to operate.  These variables are specified when configuring a Talos Intelligence asset in SOAR.
 
 VARIABLE | REQUIRED | TYPE | DESCRIPTION
 -------- | -------- | ---- | -----------
@@ -46,9 +47,9 @@ VARIABLE | REQUIRED | TYPE | DESCRIPTION
 
 ### Supported Actions  
 [test connectivity](#action-test-connectivity) - Validate the asset configuration for connectivity using supplied configuration  
-[ip reputation](#action-ip-reputation) - Query IP info  
-[domain reputation](#action-domain-reputation) - Query domain info  
-[url reputation](#action-url-reputation) - Query URL info  
+[ip reputation](#action-ip-reputation) - Look up Cisco Talos threat intelligence for a given IP address.  
+[domain reputation](#action-domain-reputation) - Look up Cisco Talos threat intelligence for a given domain.  
+[url reputation](#action-url-reputation) - Look up Cisco Talos threat intelligence for a given URL.  
 
 ## action: 'test connectivity'
 Validate the asset configuration for connectivity using supplied configuration
@@ -65,12 +66,12 @@ No parameters are required for this action
 No Output  
 
 ## action: 'ip reputation'
-Query IP info
+Look up Cisco Talos threat intelligence for a given IP address.
 
 Type: **investigate**  
 Read only: **True**
 
-Provide information on an IP address's reputation, enabling you to take proper action against untrusted, and unwanted resources.
+Provides information on an IP address's reputation, so you can take appropriate action against untrusted or unwanted resources.
 
 #### Action Parameters
 PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS
@@ -92,12 +93,12 @@ action_result.data.\*.AUP | string |  |
 action_result.summary.message | string |  |   72.163.4.185 has a Favorable threat level   
 
 ## action: 'domain reputation'
-Query domain info
+Look up Cisco Talos threat intelligence for a given domain.
 
 Type: **investigate**  
 Read only: **True**
 
-Provide information on a domain's reputation, enabling you to take proper action against untrusted, and unwanted resources.
+Provides information on a domain's reputation, so you can take appropriate action against untrusted or unwanted resources.
 
 #### Action Parameters
 PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS
@@ -119,12 +120,12 @@ action_result.data.\*.AUP | string |  |
 action_result.summary.message | string |  |   splunk.com has a Favorable threat level   
 
 ## action: 'url reputation'
-Query URL info
+Look up Cisco Talos threat intelligence for a given URL.
 
 Type: **investigate**  
 Read only: **True**
 
-Provide information on an URL's reputation, enabling you to take proper action against untrusted, and unwanted resources.
+Provides information on a URL's reputation, so you can take appropriate action against untrusted or unwanted resources.
 
 #### Action Parameters
 PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS