threat_match
Match a threat event against the threat database to retrieve known signatures based on fingerprint similarity.
Instructions
Find known threat signatures matching a threat event.
Compares the event fingerprint against the threat database. Requires Pro tier or Novyx Cloud.
Args: threat_event: JSON string describing the threat to match. min_similarity: Minimum similarity threshold 0.0-1.0 (default 0.8).
Returns: JSON string with matching signatures.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| threat_event | Yes | ||
| min_similarity | No |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |