IBM Security QRadar SOAR

 View Only
  • 1.  Django CTS Example

    IBM Champion
    Posted Wed May 19, 2021 09:50 AM
    All,

    Hoping to get some insight from an IBMer on this one. I noticed the 'Django CTS Example' was removed from the resilient-python-examples github repository (see this commit https://github.com/ibmresilient/resilient-python-examples/commit/9deeb2c27079b7240668b6e0310dce3d9020e1fa).

    I'm hoping someone can shed some light on why it was deleted? Does this mean something else (like a different CTS example) is coming soon, or is the rc-cts library going to be the preferred way to create CTSes in the future?

    Thanks!

    ------------------------------
    Liam Mahoney
    ------------------------------


  • 2.  RE: Django CTS Example

    Posted Thu May 20, 2021 09:29 AM

    Hi Liam,

    The Django solution was a pretty old example which we were not maintaining and may have been incorrect as well. The rc-cts style for writing custom thread services is the preference solution.

    There are future changes for support for custom threat services (CTS) coming. This is because CTSs are based on webhooks and webhooks are problematic in containerized environments. We don't have any specifics yet. But writing custom threat services to use rc-cts may provide a common structure to assist in support of these future changes.

    Regards,
    Mark



    ------------------------------
    Mark Scherfling
    ------------------------------



  • 3.  RE: Django CTS Example

    IBM Champion
    Posted Thu May 20, 2021 09:34 AM
    Thanks for the information Mark!

    ------------------------------
    Liam Mahoney
    ------------------------------