Azure-Sentinel/Playbooks/RecordedFuture_IP_ActCommC2C
Adrian P fc10e8553d
Add files via upload
2020-11-26 12:39:25 +00:00
RecordedFuture_IP_ActCommC2C_ImportToSentinel.json Add files via upload 2020-11-26 12:39:25 +00:00
RecordedFuture_IP_ActCommC2C_IndicatorProcessor.json Add files via upload 2020-11-26 12:39:25 +00:00
readme.md Add files via upload 2020-11-09 10:24:39 +00:00

readme.md

RecordedFuture - IP - Actively Communicating C&C Server

author: Adrian Porcescu, Recorded Future

These playbooks use the Recorded Future API to automate ingestion of the Recorded Future Actively Communicating C&C Server IP RiskList into the ThreatIntelligenceIndicator table, for detection (alert) actions in Microsoft Azure Sentinel. For additional information, please visit Recorded Future.

Note: Due to internal Microsoft Logic Apps dependencies, deploy the ImportToSentinel playbook first, before the IndicatorProcessor playbook.

Links to deploy the RecordedFuture_IP_ActCommC2C_IndicatorProcessor playbook template:

Links to deploy the RecordedFuture_IP_ActCommC2C_ImportToSentinel playbook template: