Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This playbook is intended to be run from a Microsoft Sentinel incident with account and/or IP entities. It will take the IP and account entities and run four separate playbooks to indicate compromise and revoke access to Okta and Microsoft Entra ID.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | Standalone Content |
| Source | View on GitHub |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊