Change log for PROOFPOINT_TAP_THREATS
Date | Changes |
---|---|
2025-01-09 | - Newly created parser.
- Mapped "id" to "metadata.product_log_id".
- Mapped "TAP Threats" to "metadata.product_name".
- Mapped "Proofpoint" to "metadata.vendor_name".
- Mapped "Proofpoint_Threats_Feed" to "metadata.product_event_type".
- Mapped "name" to "security_result.threat_name".
- Mapped "identifiedAt" to "security_result.first_discovered_time".
- Mapped "type" to "metadata.product_event_type".
- Mapped "status" to "security_result.threat_status".
- Mapped "severityScore" to "threat_result.severity" and "threat_result.severity_details".
- Mapped "category" to "security_result.category_details".
- Mapped "attackSpread" to "security_result.verdict_info.global_customer_count".
- Mapped "geoTargeted" to "additional.fields".
- Mapped "verticallyTargeted" to "additional.fields".
- Mapped "notable" to "additional.fields" and "security_result.priority".
- Mapped "detectionType" to "additional.fields".
- Mapped "actors" to "security_result.associations.associated_actors".
- Mapped "families" to "security_result.associations.associated_actors".
- Mapped "malware" to "security_result.associations.associated_actors".
- Mapped "techniques" to "security_result.attack_details.techniques".
- Mapped "brands" to "security_result.associations.associated_actors". |