e710e32e80
|
||
|---|---|---|
| .. | ||
| RecordedFuture_IP_SCF_ImportToDefenderATP.json | ||
| RecordedFuture_IP_SCF_IndicatorProcessor.json | ||
| readme.md | ||
readme.md
Recorded Future - IP - Command and Control Security Control Feed
author: Adrian Porcescu, Recorded Future
These playbooks leverage the Recorded Future API to automate the ingestion of Recorded Future IP Command and Control - Security Control Feed, into the ThreatIntelligenceIndicator table, for prevention (block) actions in Microsoft Defender ATP. For additional information please visit Recorded Future.
Note: Due to internal Microsoft Logic Apps dependencies, please deploy first the ImportToSentinel playbook before the IndicatorProcessor one.
Links to deploy the RecordedFuture_IP_SCF_IndicatorProcessor playbook template:
Links to deploy the RecordedFuture_IP_SCF_ImportToDefenderATP playbook template: