RecordedFuture-HASH-Obs_in_Underground-TIProcessor
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
[Deprecated] Deprecated due to changes in the Threat Intelligence Platform. Use the new IndicatorImport playbooks that is provided in this Solution. This playbook leverages the Recorded Future API and automatically imports the Observed in Underground Virus Testing Sites Hash RiskList, as Threat Intelligence Indicators, for detection purposes in Microsoft Sentinel. This playbook depends on RecordedFuture-ImportToSentinel that need to be installed manually before installing current playboo
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | Recorded Future |
| Source | View on GitHub |
Logic App Connectors
This playbook uses 2 Logic App connectors / built-in actions:
| Connector / Action | Type | Connections | Actions |
|---|---|---|---|
recordedfuture |
Managed | 0 | 1 |
recordedfuturev2 |
Managed | 1 | 0 |
Action parameters (URLs, paths, function IDs)
recordedfuture (Managed)
| Action | Method | Endpoint | Other |
|---|---|---|---|
| Recorded_Future_RiskLists_and_SCF_Download | get | /fusion/files |
— |
Additional Documentation
📄 Source: Deprecated/RecordedFuture-HASH-Observed_in_Underground_Virus_Test_Sites-IndicatorProcessor/readme.md
[DEPRECATED]: Use the new RecordedFuture-ThreatIntelligenceImport playbook. Type: Detection Included in Recorded Future Intelligence Solution: Yes
Retrieves the Risk List - Observed in Underground Virus Testing Sites Hash (requires login), and adds the IOCs to the ThreatIntelligenceIndicator table.
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊