Panda Security
PandaSecurity, a WatchGuard company, is a cybsersecurity vendor, delivering products designed to protect endpoints against outside threats.
This module provides actions and triggers to interact with the Watchguard Panda Aether platform to act on AD360 and EPP devices
Configuration
| Name | Type | Description |
|---|---|---|
base_url |
string |
WatchGuard Cloud base URL (ex. https://api.usa.cloud.watchguard.com) |
account_id |
string |
Your WatchGuard Cloud account ID |
api_key |
string |
The API key associated to your Watchguard Cloud account |
access_id |
string |
The identifier of the access credential used to authorize the requests |
access_secret |
string |
The secret of the access credential used to authorize the requests |
audience |
string |
The identifier of the managed account for service provider |
Triggers
Fetch Security Events
Fetch the last security events
Arguments
| Name | Type | Description |
|---|---|---|
frequency |
integer |
Batch frequency in seconds (default 12h) |
Outputs
| Name | Type | Description |
|---|---|---|
events |
array |
A list of security events |
Actions
Get Security Events
Retrieves a list of security events of the specified type for the specified device for a specific time period.
Arguments
| Name | Type | Description |
|---|---|---|
type |
integer |
Type of security event. Specify one of these values: - 1 — Malware - 2 — PUPs (Potentially Unwanted Programs) - 3 — Blocked Programs - 4 — Exploits - 5 — Blocked by Advanced Security - 6 — Virus - 7 — Spyware - 8 — Hacking Tools and PUPs detected by Antivirus - 9 — Phishing - 10 — Suspicious - 11 — Dangerous Actions - 12 — Tracking Cookies - 13 — Malware URLs - 14 — Other security event by Antivirus - 15 — Intrusion Attempts - 16 — Blocked Connections - 17 — Blocked Devices - 18 — Indicators of Attack Example: 13 |
period |
integer |
Period of time to retrieve security events for. Specify one of these values: - 1 - Previous 24 hours - 7 - Previous 7 days |
hostname |
string |
Host name (base-64 encoded) of the device you want to retrieve security events for. |
Outputs
| Name | Type | Description |
|---|---|---|
accessed_data |
boolean |
Indicates if data has been accessed. |
action |
integer |
Indicates the action performed. For Indicators Of Attack: - 0: Undefined - 1: Informed - 2: Attack Blocked. For other detections: - 0: Allowed - 1: Moved Quarantine - 2: Blocked - 3: Killed - 4: Ignored - 5: Cleaned - 6: Deleted - 7: Restored - 8: Allowed By Whitelist - 9: Write Blocked - 10: User Pending - 11: Uninstalled - 13: After Process Blocked - 14: Immediately Blocked - 15: Allowed By User - 16: Detected Restart Pending - 17: Allowed By Administrator - 18: AllowedSonGwInstaller - 21: Suspend Process - 1009: Informed - 1010: Unquarantine - 1011: Rename - 1012: Block URL |
alias |
string |
Alias name for device control detections. |
count |
integer |
Number of occurrences in indicators of attack detections. |
custom_group_folder_id |
string |
Identifier of the custom group folder assigned. |
custom_group_folder_info |
string |
Hierarchical structure for the assigned group and its subgroups, in JSON format. |
date |
string |
Date and time of detection. |
description |
string |
Name of device description in antivirus detections. |
detected_by |
`` | Protection or technology in antivirus detections. - 1: On Demand Scan - 2: File Resident - 3: Mail Resident - 4: Firewall - 5: Device Control - 6: Exchange Mailbox - 7: Exchange Transport - 8: Exchange Antispam - 9: Web Protection - 10: Exchange Content - 11: Minerva - 12: Web Access Control - 13: Anti-theft - 14: Anti-tampering - 15: Personal Information Tracking - 16: Isolation - 17: Data Search Control - 18: Patch Management - 19: Personal Information Inventory - 20: Application Control - 21: Encryption USB - 22: Authorized Software |
detection_technology |
string |
Name of detection technology in exploit detections. |
device_id |
string |
Identifier of the device. |
device_type |
`` | Device type in antivirus and firewall detections. - 0: Undefined - 1: Workstation - 2: Laptop - 3: Server - 4: Mobile |
direction |
`` | Direction of firewall blocked connections. - 1: Incoming - 2: Outgoing - 3: Incoming and Outgoing - 4: Internal |
discard_motive |
`` | Reason for discarding the knowledge sample. - 0: Unknown - 1: Other Reason - 2: File Max Size |
domain |
string |
Domain of device in antivirus detections. |
dwell_time |
integer |
Dwell time in seconds. |
endpoint_event_date |
string |
Endpoint event date in indicators of attack detections. |
event_id |
integer |
Identifier of the event. |
event_type |
`` | Indicates the event type. - 0: Malware - 1: Exploit - 2: Pups - 3: Blocked item - 6: Lock Plus Advanced Security - 7: Lock Plus Application Control - 8: Application Control |
excluded |
boolean |
Indicates if the element has been excluded in antivirus detection. |
exploit_technique |
string |
Exploit technique. |
file_info_discard |
string |
Hash to identify the file in antivirus detections. |
filed_date |
string |
Filed date in indicators of attack detections. |
hash |
string |
Hash of element. |
host_name |
string |
Name of the host. |
id |
string |
Identifier in antivirus detections. |
instance_id |
string |
Identifier of instance for device control detections. |
ip_address |
string |
IP address of the device in antivirus and firewall detections. |
is_excluded |
boolean |
Indicates if data has been excluded. |
item_name |
string |
Name of threat. |
like_lihood_of_being_malicious |
`` | Indicates the likelihood of being malicious. - 0: Low - 1: Medium - 2: High - 3: Very High |
local_endpoint |
`` | Firewall blocked connections for a local endpoint, in JSON format: Mac Address, IP Address, Port, and IP Type. - 0: Unknown - 1: IpV4 - 2: IpV6 |
lock_plus_rule_id |
`` | LockPlus Rule ID. - 1: Obfuscated Params Powershell - 2: User Executed Powershell - 4: Unknown Scripts - 5: Locally Built Programs - 6: Documents With Macros - 7: Windows Boot Registry - 101: Forbidden Md5 - 102: Forbidden Program Name |
made_external_connections |
boolean |
Indicates if malware made external connections. |
malware_category |
`` | Malware category in antivirus detections. - 1: Virus - 2: Spyware - 3: HackingPpnd - 4: Phishing - 5: Suspicious - 6: Blocked Operations - 7: Tracking Cookies - 8: Malware URL - 9: Others |
malware_name |
string |
Malware name in antivirus detections. |
malware_type |
`` | Malware type in antivirus detections. - 21: Nereus Heuritic - 22: Beta trace Heuritic - 23: Smart Clean Heuritic - 24: Cloud Heuritic - 25: 1N - 26: Behavioral - 31: Confirmed Goodware - 32: Not Confirmed Goodware - 33: Unwanted Goodware - 34: Ranked - 35: Digital Signature - 101: Virus - 102: Worm - 103: Trojan - 104: TrojanPwdeal - 105: Dialer - 106: Joke - 107: Security Risk - 108: Spyware - 109: Adware - 110: WormFakefrom - 111: Tracking Cookie - 112: Pup - 113: Hacking Tool - 114: Vulnerability - 115: Max Size - 116: ZipOfDeath - 117: PackerOfDeath - 118: Hoax - 119: Phis Fraud - 120: Rootkit - 121: Backdoor - 122: Virus Constructor - 123: Malicious URL - 201: Advertising - 202: Toolbar - 203: NetTool - 204: Advert Popup - 219: Illegal - 223: Internet Tools - 227: Offensive - 236: Society Education - 241: Content Filter |
network_activity_type |
`` | Network activity type in firewall detections. - 1: IcmpAttack - 2: UdpPortScan - 3: HeaderLengths - 4: UdpFlood - 5: TcpFlagsCheck - 6: SmartWins - 7: IpExplicitPath - 8: LandAttack - 9: SmartDns - 10: IcmpFilterEchoRequest - 11: OsDetection - 12: SmartDhcp - 13: SynFlood - 14: SmartArp - 15: TcpPortScan |
number_of_occurrences |
integer |
Number of occurrences in antivirus detections. |
path |
string |
Name of threat path. |
platform_id |
`` | Platform of affected device. - 0: Undefined - 1: Windows - 2: Linux - 3: Mac - 4: Android - 5: IOS |
protection_mode |
`` | Indicates the protection mode. - 0: Undefined - 1: Audit - 2: Hardening - 3: Lock |
protocol |
`` | Protocol of firewall blocked connections. - 1: Tcp - 2: Udp - 3: TcpUdp - 4: Icmp - 5: IP - 6: All |
reclassified_to_type |
`` | Indicates the type to which it has been reclassified. - 0: Blocked - 1: Malware - 3: Pup - 6: Goodware - 11: Removed From List |
remote_endpoint |
`` | Firewall blocked connections for a remote endpoint, in JSON format: Mac Address, IP Address, Port, and IP Type. - 0: Unknown - 1: IpV4 - 2: IpV6 |
risk |
boolean |
Indicates if it is a risk exploit. |
rule_configuration_id |
string |
Identifier of rule configuration in firewall blocked connections. |
rule_id |
string |
Identifier of rule in firewall blocked connections and in indicators of attack detections. |
rule_mitre |
string |
Array with JSON pairs of the attack tactic and technique in indicators of attack detections. |
rule_name |
string |
Rule name for firewall blocked connections and for indicators of attack detections. |
rule_obsolete |
boolean |
Indicates if rule is obsolete in firewall blocked connections. |
rule_risk |
`` | Indicates the rule risk for indicators of attack detections. - 0: Undefined - 1: Critical - 2: High - 3: Medium - 4: Low - 1000: Unknown |
security_event_date |
string |
Security event date and time for antivirus, firewall, and device control detections. |
since_until_filed |
string |
Time since the filed date in indicators of attack detections. |
site_id |
string |
Identifier of the site. |
site_name |
string |
Site name in antivirus and firewall detections. |
source_ip |
string |
Name of source IP. |
source_machine_name |
string |
Name of source device name. |
source_user |
string |
Source username. |
status |
`` | Indicates the status in indicators of attack detections. - 0: Undefined - 1: Pending - 2: Filed |
type |
`` | Type of device for device control detections. - 0: Undefined - 1: Removable Storage - 2: Image Capture - 3: Optical Storage - 4: Bluetooth - 5: Modem - 6: Mobile |
user_name |
string |
Username. |
was_run |
boolean |
Indicates if the item has been executed. |
Isolate Devices
Isolates the specified devices. When you isolate a device, communication to and from the device is denied.
Arguments
| Name | Type | Description |
|---|---|---|
device_ids |
array |
List of IDs of devices to isolate. Example: "cb509c17-7b88-461a-ba3b-3d43e29e6cd4","2c13685e-7d1f-4726-9ad3-5c8fa7718bab" |
exclusion_programs |
array |
List of programs to exclude from isolation and allow to communicate normally. |
customized_message |
string |
Text to show in an alert message on the isolated devices |
hide_customized_alert |
boolean |
Indicates whether to hide the customized alert message on isolated devices. |
Outputs
| Name | Type | Description |
|---|---|---|
processed_device_ids |
array |
List of IDs of the isolated devices |
Link Devices to Managed Configurations
Links devices to a specified configuration.
Arguments
| Name | Type | Description |
|---|---|---|
config_id |
string |
Identifier of the managed configuration to associate with the devices. Example: 2836d89d-1e98-4377-92b7-0a76ac2a7699 |
type |
integer |
Type of configuration. Currently, only option 2 is supported. - 2 — Workstations and servers. Example: 2 |
device_ids |
array |
List of IDs of devices to link to the specified managed configuration.. Example: cb509c17-7b88-461a-ba3b-3d43e29e6cd4,2c13685e-7d1f-4726-9ad3-5c8fa7718bab |
Retrieve Devices
Retrieves a list of devices, and additional information, such as the device IP address and operating system.
Arguments
| Name | Type | Description |
|---|---|---|
$top |
integer |
Specifies the number of objects to retrieve. Example: 5 |
$skip |
integer |
Bypasses the specified number of objects in the results returned. For example, if you specify 10, the results start at object 11. Example: 5 |
$search |
string |
Returns only objects that include the specified text string. For example, "name" returns objects that include "hostname" and "username". The supported search fields depend on the endpoint: - Devices: Host name, description, IP address, logged on user - DeviceProtectionStatus: Host name - ManagedConfigurations: Name, description Example: name |
$count |
boolean |
Indicates whether to return a counter that shows the total number of objects in the total_items response parameter. Example: true |
$orderby |
string |
Specifies how to order results. You can order by any parameter in the response and sort results in ascending or descending order. Specify a parameter name with any underscores removed, followed by a + (plus sign) and either asc (ascending) or desc (descending). For example, to order results by the host_name parameter in descending order, specify hostname+desc. If you do not specify a field to order by, the API will use the order in the database. Example: hostname+desc |
$config |
boolean |
Indicates whether the security configuration name and ID are returned. The default value is true. Example: true |
Outputs
| Name | Type | Description |
|---|---|---|
total_items |
integer |
Total number of devices. If the count request parameter is true, total_items displays the total number of devices. If count is false, then total_items displays null. Example: 42 |
data |
array |
Array of device data |
Retrieve Managed Configurations
Retrieves a list of the specified type of managed configurations associated with your WatchGuard Cloud account.
Arguments
| Name | Type | Description |
|---|---|---|
type |
integer |
Type of configuration to return. Specify one of these values: - 1 — Deployment settings - 2 — Workstations and servers - 3 — Android Example: 2 |
$top |
integer |
Specifies the number of objects to retrieve. Example: 5 |
$skip |
integer |
Bypasses the specified number of objects in the results returned. For example, if you specify 10, the results start at object 11. Example: 5 |
$search |
string |
Returns only objects that include the specified text string. For example, "name" returns objects that include "hostname" and "username". The supported search fields depend on the endpoint: - Devices: Host name, description, IP address, logged on user - DeviceProtectionStatus: Host name - ManagedConfigurations: Name, description Example: name |
$count |
boolean |
Indicates whether to return a counter that shows the total number of objects in the total_items response parameter. Example: true |
$orderby |
string |
Specifies how to order results. You can order by any parameter in the response and sort results in ascending or descending order. Specify a parameter name with any underscores removed, followed by a + (plus sign) and either asc (ascending) or desc (descending). For example, to order results by the host_name parameter in descending order, specify hostname+desc. If you do not specify a field to order by, the API will use the order in the database. Example: hostname+desc |
Outputs
| Name | Type | Description |
|---|---|---|
total_items |
integer |
Total number of devices. If the count request parameter is true, total_items displays the total number of devices. If count is false, then total_items displays null. Example: 42 |
data |
array |
List of managed configurations. |
Retrieve unmanaged devices
Retrieves a list of unmanaged devices discovered on the network.
Arguments
| Name | Type | Description |
|---|---|---|
$top |
integer |
Specifies the number of objects to retrieve. Example: 5 |
$skip |
integer |
Bypasses the specified number of objects in the results returned. For example, if you specify 10, the results start at object 11. Example: 5 |
$search |
string |
Returns only objects that include the specified text string. For example, "name" returns objects that include "hostname" and "username". The supported search fields depend on the endpoint: - Devices: Host name, description, IP address, logged on user - DeviceProtectionStatus: Host name - ManagedConfigurations: Name, description Example: name |
$count |
boolean |
Indicates whether to return a counter that shows the total number of objects in the total_items response parameter. Example: true |
$orderby |
string |
Specifies how to order results. You can order by any parameter in the response and sort results in ascending or descending order. Specify a parameter name with any underscores removed, followed by a + (plus sign) and either asc (ascending) or desc (descending). For example, to order results by the host_name parameter in descending order, specify hostname+desc. If you do not specify a field to order by, the API will use the order in the database. Example: hostname+desc |
Outputs
| Name | Type | Description |
|---|---|---|
total_items |
integer |
Total number of devices. If the count request parameter is true, total_items displays the total number of devices. If count is false, then total_items displays null. Example: 42 |
data |
array |
Array of device data |
Count Security Events
Retrieves counts of detected security events for the specified types.
Arguments
| Name | Type | Description |
|---|---|---|
type |
integer |
Types of security event counters to retrieve. This parameter is a mask. Add the values of the security event counter types you want to retrieve. For example, if you want to retrieve only programs blocked, specify 8. If you want to retrieve both PUPs and programs blocked, specify 10 because 8 (programs blocked) + 2 (PUPs) = 10. - 1 - Malware - 2 PUPs (Potentially Unwanted Programs) - 4 - Exploits - 8 - Programs Blocked - 16 - Threats detected by AV - 255 - All counters Example: 10 |
filter |
string |
Filters the security event counters by date Specify the type of security event: - 33001 — Antivirus - 32001 — Other types Specify the length of the time period in the format [x, y] where x is the number of units and y is the unit of time: - 1 — Years - 2 - Months - 3 - Days - 4 - Hours For example, this retrieves threats detected by AV for the last 7 days: filter=33001%20AmongTheLast%20[7,3]. This retrieves security event counters for the other types for the last 3 months: filter=32001%20AmongTheLast%20[3,2]. If you do not specify a filter, the API returns all of the security events for the last 30 days. Example: 33001%20AmongTheLast%20[7,3] |
Outputs
| Name | Type | Description |
|---|---|---|
exploit_counters |
object |
|
malware_counters |
object |
|
program_blocked_counters |
object |
|
pups_counters |
object |
|
threats_by_av_counters |
object |
Retrieve Device Protection Status
Retrieves a list of devices with their protection status and other device information.
Arguments
| Name | Type | Description |
|---|---|---|
$top |
integer |
Specifies the number of objects to retrieve. Example: 5 |
$skip |
integer |
Bypasses the specified number of objects in the results returned. For example, if you specify 10, the results start at object 11. Example: 5 |
$search |
string |
Returns only objects that include the specified text string. For example, "name" returns objects that include "hostname" and "username". The supported search fields depend on the endpoint: - Devices: Host name, description, IP address, logged on user - DeviceProtectionStatus: Host name - ManagedConfigurations: Name, description Example: name |
$count |
boolean |
Indicates whether to return a counter that shows the total number of objects in the total_items response parameter. Example: true |
$orderby |
string |
Specifies how to order results. You can order by any parameter in the response and sort results in ascending or descending order. Specify a parameter name with any underscores removed, followed by a + (plus sign) and either asc (ascending) or desc (descending). For example, to order results by the host_name parameter in descending order, specify hostname+desc. If you do not specify a field to order by, the API will use the order in the database. Example: hostname+desc |
Outputs
| Name | Type | Description |
|---|---|---|
total_items |
integer |
Total number of devices. If the count request parameter is true, total_items displays the total number of devices. If count is false, then total_items displays null. Example: 42 |
data |
array |
Array of device data |
Retrieve Full Encryption Module Status
Retrieves Full Encryption statistics.
Outputs
| Name | Type | Description |
|---|---|---|
total_supported_devices |
integer |
Total number of devices that support Full Encryption. |
with_decrypting_drives |
integer |
Number of devices with at least one disk currently in the decryption process. |
with_encrypted_by_user_drives |
integer |
Number of devices where a user encrypted some or all of the disks. |
with_encrypted_drives |
integer |
Number of devices with Full Encryption on all disks. |
with_encrypted_partially_by_user_drives |
integer |
Number of devices where a user encrypted some or all of the disks. Full Encryption encrypts or decrypts the remainder. |
with_encrypted_partially_drives |
integer |
Number of devices with at least one disk with Full Encryption complete. |
with_encrypting_drives |
integer |
Number of devices with at least one disk currently in the encryption process. |
with_non_encrypted_drives |
integer |
Number of devices with no disks encrypted by the user or Full Encryption. |
with_unknown_encryption_status |
integer |
Number of devices with disks encrypted with an authentication method that Full Encryption does not support. |
Retrieve Patch Management Module Status
Retrieves Patch Management statistics.
Outputs
| Name | Type | Description |
|---|---|---|
non_security_other_patches |
integer |
Number of other currently available patches that are not related to security. |
security_critical |
integer |
Number of currently available critical security patches. |
security_important |
integer |
Number of currently available security patches classified as important. |
security_low |
integer |
Number of currently available security patches classified as low importance. |
security_moderate |
integer |
Number of currently available security patches classified as moderate importance. |
security_not_classified |
integer |
Number of security patches that do not have a severity classification. |
service_pack |
integer |
Number of currently available service packs. |
total_supported_devices |
integer |
Total number of devices that support Patch Management. |
Retrieve Security overview
Retrieves counters for security overview.
Arguments
| Name | Type | Description |
|---|---|---|
period |
integer |
Period of time to retrieve security event counters for. Specify one of these values: - 1 - Previous 24 hours - 7 - Previous 7 days - 30 - Previous 30 days Example: 7 |
Outputs
| Name | Type | Description |
|---|---|---|
exploits |
`` | |
indicators_of_attack_counters |
`` | |
malware |
`` | |
programs_blocked |
`` | |
pups |
`` | |
threats_by_av_counters |
`` | |
total_devices |
integer |
Total number of devices. |
total_unmanaged_devices |
integer |
Total number of unmanaged devices. |
Scan devices
Starts a task to scan the specified devices immediately.
Arguments
| Name | Type | Description |
|---|---|---|
device_ids |
array |
List of IDs of devices to scan. Example: "cb509c17-7b88-461a-ba3b-3d43e29e6cd4","2c13685e-7d1f-4726-9ad3-5c8fa7718bab" |
task_name |
string |
Name of the scan task. Example: Routine scan |
task_description |
string |
Description of the scan task. Example: Windows 8 machines only |
scan_scope |
integer |
Scope of the scan task. Specify one of these values: - 0 - Whole computer - 1 - Critical areas - 2 - Specified items Example: 0 |
specified_items_to_scan |
string |
List of specific locations or items to scan. All folders and files in the specified locations are scanned. Works only when scan_scope is 2. Example: "C:\Downloads", "C:\Documents" |
detect_hacking_tools |
boolean |
Indicates whether to detect hacking tools. This detects potentially unwanted programs, as well as programs used by hackers. Example: false |
detect_suspicious_files |
boolean |
Indicates whether to detect suspicious files. In scheduled scans, the tool scans computer software but does not run it. Some types of threats have a lower chance of detection. Set this option to true to scan with heuristic algorithms and improve detection rates. Example: true |
scan_compressed_files |
boolean |
Indicates whether to scan compressed files. This decompresses compressed files and scans their contents. Example: true |
apply_exclusions_on_scan |
boolean |
Indicates whether to exclude items from the scan, such as specific files, files with a specific extension, or a specific directory. Example: false |
extensions_to_exclude |
string |
List of file extensions to exclude from the scan. Works only when apply_exclusions_on_scan is true. Example: "exe","pdf" |
files_to_exclude |
string |
List of file names (with their extensions) to exclude from the scan. Works only when apply_exclusions_on_scan is true. Example: "Chrome.exe", "Explorer.exe" |
folders_to_exclude |
string |
List of folders to exclude from the scan. You must include the full path. Works only when apply_exclusions_on_scan is true. Example: "D:/shared_drive/documents" |
execution_window_expiration |
string |
Time period in which the scan must run before it times out. The default is 7 days. Example: 8.07:06:05 specifies 8 days, 7 hours, 6 minutes, and 5 seconds |
Outputs
| Name | Type | Description |
|---|---|---|
no_executed_by_not_found_device_ids |
array |
|
task_id |
string |
ID of the completed scan task. |
Send action
Initiates an action on the specified devices. For example, send an action to reboot a device.
Arguments
| Name | Type | Description |
|---|---|---|
device_ids |
array |
List of IDs of devices to reboot. Example: "cb509c17-7b88-461a-ba3b-3d43e29e6cd4","2c13685e-7d1f-4726-9ad3-5c8fa7718bab" |
action_type |
integer |
Type of action to initiate on the device. Specify one of these values: - 1 - Reboot |
count_down_type |
integer |
Amount of time to count down to the action. Specify one of these values: - 1 - Immediate - 2 - Fifteen minutes - 3 - Thirty minutes - 4 - One hour - 5 - Two hours - 6 - Four hours - 7 - Eight hours |
Outputs
| Name | Type | Description |
|---|---|---|
processed_device_ids |
array |
List of IDs of the rebooted devices |
Stop devices isolation
Stops isolation on the specified devices.
Arguments
| Name | Type | Description |
|---|---|---|
device_ids |
array |
List of IDs of devices to remove from isolation. Example: "cb509c17-7b88-461a-ba3b-3d43e29e6cd4","2c13685e-7d1f-4726-9ad3-5c8fa7718bab" |
Outputs
| Name | Type | Description |
|---|---|---|
processed_device_ids |
array |
List of IDs of the devices removed from isolation |
Uninstall protection from devices
Uninstalls protection from the specified devices.
Arguments
| Name | Type | Description |
|---|---|---|
device_ids |
array |
List of IDs of devices to remove the protection. Example: "cb509c17-7b88-461a-ba3b-3d43e29e6cd4","2c13685e-7d1f-4726-9ad3-5c8fa7718bab" |
Extra
Module Panda Security v1.23.1