RecordedFuture-IP-Actively_Comm_C2_Server-TIProcessor
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
[Deprecated] Deprecated due to changes in the Threat Intelligence Platform. Use the new IndicatorImport playbooks that is provided in this Solution. This playbook leverages the Recorded Future API and automatically imports the Actively Communicating C&C Server IP RiskList, as Threat Intelligence Indicators, for detection purposes in Microsoft Sentinel. This playbook depends on RecordedFuture-ImportToSentinel that need to be installed manually before installing current playbook.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | Recorded Future |
| Source | View on GitHub |
Additional Documentation
📄 Source: Deprecated/RecordedFuture-IP-Actively_Comm_C2_Server-IndicatorProcessor/readme.md
[DEPRECATED]: Use the new RecordedFuture-ThreatIntelligenceImport playbook. Type: Detection Included in Recorded Future Intelligence Solution: Yes
Retrieves the Risk List - Actively Communicating C&C IPs (requires login), and adds the IOCs to the ThreatIntelligenceIndicator table.
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊