The Protecti connector allows Incident Responders (IR) and SOC Analysts to quickly check and update file reputation during investigations. When an alert or incident involves a file (hash or artifact), this connector enriches it with reputation intelligence from Seqrite Protecti, helping you determine whether the file is malicious, suspicious, or safe.
This enrichment enables analysts to validate threats faster, reduce false positives, and confidently take response actions such as containment or remediation.
Analyst actions supported:
- GetFileReputation – Fetch the latest reputation of a file during investigation.
- UpdateFileReputation – Submit or refresh file reputation based on analysis outcomes.