RecordedFuture - Generic Detection (Very Malicious IPs and Domains)

author: Adrian Porcescu, Recorded Future

These playbooks leverage the Recorded Future API to automate the import of the Recorded Future Risklists with Very Malicious (Score 90+) IPs and Domains, as tiIndicators, into the ThreatIntelligenceIndicator table, for detection (alerting) purposes in Azure Sentinel. For additional information, please visit Recorded Future.

Note: Due to internal Microsoft Logic Apps dependencies, please deploy the ImportToSentinel playbook first, before the IndicatorProcessor one.

Links to deploy the RecordedFuture_Generic_Detection_ImportToSentinel playbook template:

Deploy to Azure Deploy to Azure Gov

Links to deploy the RecordedFuture_Generic_Detection_IndicatorProcessor playbook template:

Deploy to Azure Deploy to Azure Gov