Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
DEPRECATED: This playbook creates incidents via the Azure Microsoft Sentinel Logic Apps connector, which do not appear in the unified Microsoft Defender portal. Use RFI-Playbook-Alert-Importer-LAW instead and create incidents using a Scheduled Analytics Rule. This playbook fetches identity compromises from Recorded Future, places users in a security group and confirms them as 'risky users' in Entra ID.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | Recorded Future Identity |
| Source | View on GitHub |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊