Blue Team

When initializing copilot, the default profile loaded is Blue Team.

During the initialization phase, Webamon fetches your integration credentials from AWS Secrets store. It then loads the plugins with your credentials into the containerized memory. Credentials are never saved to disk

The initial reply from Blue Team Copilot will list the current integrations that have been loaded and their available function calls

In the below example we ask the Copilot to show us the field mappings for Webamon scans, allowing us to then hunt with Copilot downstream.

When prompting Copilot to call a tool (1) it will display the suggested tool along with any arguments (2). Press enter or click the send button (3) to confirm, anything else will reject the function call

Once confirmed, the Blue Team Copilot will execute the function, parse the response and display in a human readable format.