Azure-Sentinel/Playbooks/RecordedFuture_C2_Malware_D...
dicolanl 525d001024 Updating Deploy buttons and links part 1 2021-06-16 00:25:40 +00:00
RecordedFuture_C2_Malware_Detection_ImportToSentinel.json Add files via upload 2021-04-26 10:23:23 +01:00
RecordedFuture_C2_Malware_Detection_IndicatorProcessor.json Update RecordedFuture_C2_Malware_Detection_IndicatorProcessor.json 2021-05-05 18:05:27 +01:00
readme.md Updating Deploy buttons and links part 1 2021-06-16 00:25:40 +00:00

readme.md

RecordedFuture - Malware C2 Detection

author: Adrian Porcescu, Recorded Future

These playbooks leverage the Recorded Future API to automate the import of the Recorded Future Actively Communicating C&C Server IPs and C&C DNS Names Risklists, as tiIndicators, into the ThreatIntelligenceIndicator table, for detection (alerting) purposes in Azure Sentinel. For additional information please visit Recorded Future.

Note: Due to internal Microsoft Logic Apps dependencies, deploy the ImportToSentinel playbook first, before the IndicatorProcessor one.

Links to deploy the RecordedFuture_C2_Malware_Detect_ImportToSentinel playbook template:

Deploy to Azure Deploy to Azure Gov

Links to deploy the RecordedFuture_C2_Malware_Detection_IndicatorProcessor playbook template:

Deploy to Azure Deploy to Azure Gov