| AbuseIPDB Report IPs To AbuseIPDB After User Response In MSTeams |
AbuseIPDB |
1 |
0 |
| Advanced ServiceNow Teams Integration Playbook |
Teams |
1 |
3 |
| Azure Firewall - Add IP Address to Threat Intel Allow list |
Azure Firewall |
1 |
0 |
| Block IP - Azure Firewall IP groups |
Azure Firewall |
1 |
0 |
| Block IP - Azure Firewall IP groups - Entity trigger |
Azure Firewall |
1 |
2 |
| Block IP - Cisco ASA |
CiscoASA |
1 |
0 |
| Block IP - Cisco ASA |
๐ Standalone |
1 |
0 |
| Block IP - Palo Alto PAN-OS |
๐ Standalone |
1 |
0 |
| Block IP - Palo Alto PAN-OS - Entity trigger |
PaloAlto-PAN-OS |
1 |
0 |
| Block IP - Take Action from Teams - Cisco Firepower |
Cisco Firepower EStreamer |
1 |
0 |
| Block or Unblock IP addresses - ForcepointNGFW |
๐ Standalone |
1 |
2 |
| Block URL - Palo Alto PAN-OS |
๐ Standalone |
1 |
0 |
| Block URL From Teams - Palo Alto Wildfire and PAN-OS |
๐ Standalone |
1 |
0 |
| BlockIP-Azure Firewall New Rule |
Azure Firewall |
1 |
0 |
| BlockIP-Azure Firewall New Rule - Entity trigger |
Azure Firewall |
1 |
2 |
| Cisco ASA - Create or Inbound Access Rule On Interface |
CiscoASA |
1 |
0 |
| Cisco ASA - Create or Inbound Access Rule On Interface |
๐ Standalone |
1 |
0 |
| Cisco ASA - Create or remove access rules on an interface for IP Addresses |
CiscoASA |
1 |
0 |
| Cisco ASA - Create or remove access rules on an interface for IP Addresses |
๐ Standalone |
1 |
0 |
| CiscoISE-TakeEndpointActionFromTeams |
Cisco ISE |
1 |
0 |
| CiscoSDWANLogicAPP |
Cisco SD-WAN |
1 |
3 |
| CiscoUmbrella-AddIpToDestinationList |
CiscoUmbrella |
1 |
0 |
| ConnectorHealthApp |
๐ GitHub Only |
1 |
1 |
| Crowdstrike-ResponsefromTeams |
๐ Standalone |
1 |
1 |
| Dataverse: Add user to blocklist using Teams approval workflow |
Microsoft Business Applications |
1 |
0 |
| Endpoint take action from Teams - Carbon Black |
VMware Carbon Black Cloud |
1 |
1 |
| Fortinet-FortiGate-ResponseOnBlockIP |
Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel |
1 |
0 |
| Fortinet-FortiGate-ResponseOnBlockURL |
Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel |
1 |
0 |
| Fortinet_ResponseOnIP |
๐ GitHub Only |
1 |
0 |
| Fortinet_ResponseOnURL |
๐ GitHub Only |
1 |
0 |
| GCP-DisableServiceAccountFromTeams |
GoogleCloudPlatformIAM |
1 |
0 |
| Get-MachineData-EDR-SOAR-ActionsOnMachine |
๐ GitHub Only |
1 |
1 |
| Get-MDEInvestigationPackage |
๐ Standalone |
1 |
1 |
| Get-MDEInvestigationPackage |
๐ Standalone |
1 |
1 |
| Get-MDEInvestigationPackage-Entity-Trigger |
๐ Standalone |
1 |
1 |
| Google Directory - Suspend User |
GoogleDirectory |
1 |
0 |
| Identity Protection response from Teams |
Microsoft Entra ID Protection |
1 |
0 |
| Identity Protection response from Teams |
๐ Standalone |
1 |
0 |
| Infoblox-Block-Allow-IP-Domain |
Infoblox |
1 |
0 |
| Infoblox-Block-Allow-IP-Domain-Incident-Based |
Infoblox |
1 |
0 |
| Ingestion Cost Alert Playbook |
๐ Standalone |
1 |
0 |
| Logic Apps Custom Connector and Playbook templates - HaveIBeenPwned |
๐ Standalone |
1 |
0 |
| Logic Apps Custom Connector and Playbook templates - Palo Alto Wildfire and PAN-OS |
๐ Standalone |
1 |
0 |
| Logic Apps Custom Connectors and Playbook templates - ForcepointNGFW |
๐ Standalone |
1 |
2 |
| Notify Incident Owner in Microsoft Teams |
SentinelSOARessentials |
1 |
1 |
| Notify When Incident Is Closed |
SentinelSOARessentials |
1 |
1 |
| Notify When Incident Is Reopened |
SentinelSOARessentials |
1 |
1 |
| Notify When Incident Severity Changed |
SentinelSOARessentials |
1 |
1 |
| Notify-GovernanceComplianceTeam |
AzureSecurityBenchmark |
1 |
1 |
| Notify-GovernanceComplianceTeam |
ZeroTrust(TIC3.0) |
1 |
1 |
| Notify-InsiderRiskTeam |
MicrosoftPurviewInsiderRiskManagement |
1 |
1 |
| Notify-LogManagementTeam |
MaturityModelForEventLogManagementM2131 |
1 |
1 |
| Notify_GovernanceComplianceTeam |
CybersecurityMaturityModelCertification(CMMC)2.0 |
1 |
1 |
| Notify_GovernanceComplianceTeam |
NISTSP80053 |
1 |
1 |
| PaloAlto-PAN-OS-BlockIP |
PaloAlto-PAN-OS |
1 |
0 |
| PaloAlto-PAN-OS-BlockURL |
PaloAlto-PAN-OS |
1 |
0 |
| PaloAlto-PAN-OS-BlockURL-EntityTrigger |
PaloAlto-PAN-OS |
1 |
0 |
| PaloAltoXDR |
Palo Alto - XDR (Cortex) |
1 |
2 |
| Post Message Teams |
SentinelSOARessentials |
1 |
1 |
| Post Message Teams |
SentinelSOARessentials |
1 |
1 |
| Post-Message-Teams |
SentinelSOARessentials |
1 |
1 |
| Prompt Okta user |
Okta Single Sign-On |
1 |
0 |
| Prompt User - Alert |
Microsoft Entra ID |
1 |
1 |
| Prompt User - Incident |
Microsoft Entra ID |
1 |
1 |
| Rapid7 Insight VM - Run scan |
Rapid7InsightVM |
1 |
0 |
| Remediate assets on prisma cloud |
PaloAltoPrismaCloud |
1 |
3 |
| Response on Okta user from Teams |
Okta Single Sign-On |
1 |
0 |
| Response on Teams - HaveIBeenPwned |
๐ Standalone |
1 |
0 |
| Rubrik Advanced Threat Hunt |
RubrikSecurityCloud |
1 |
0 |
| Rubrik Anomaly Generate Downloadable Link |
RubrikSecurityCloud |
1 |
0 |
| Rubrik Anomaly Incident Response |
RubrikSecurityCloud |
1 |
0 |
| Rubrik File Object Context Analysis |
RubrikSecurityCloud |
1 |
0 |
| Rubrik Fileset Ransomware Discovery |
RubrikSecurityCloud |
1 |
0 |
| Rubrik Ransomware Discovery and File Recovery |
RubrikSecurityCloud |
1 |
0 |
| Rubrik Ransomware Discovery and VM Recovery |
RubrikSecurityCloud |
1 |
0 |
| Rubrik Turbo Threat Hunt |
RubrikSecurityCloud |
1 |
0 |
| Rubrik Update Anomaly Status |
RubrikSecurityCloud |
1 |
0 |
| SAP - Lock User (Agentless Basic) |
SAP |
1 |
9 |
| Security workflow: alert verification with workload owners |
Microsoft Business Applications |
1 |
0 |
| Send incident Teams Adaptive Card with XDR Portal links |
SentinelSOARessentials |
1 |
1 |
| Send Teams Adaptive Card on incident creation |
SentinelSOARessentials |
1 |
0 |
| Send Teams Adaptive Card on incident creation |
Teams |
1 |
0 |
| Send-AnalyticalRulesHealthNotifications |
๐ Standalone |
1 |
1 |
| Start-MDEAutomatedInvestigation |
๐ Standalone |
1 |
1 |
| Start-MDEAutomatedInvestigation |
๐ Standalone |
1 |
1 |
| TritonPlayook |
๐ GitHub Only |
1 |
2 |
| Vectra Add Note To Entity |
Vectra XDR |
1 |
0 |
| Vectra Add Tag To Entity |
Vectra XDR |
1 |
0 |
| Vectra Add Tag To Entity All Detections |
Vectra XDR |
1 |
0 |
| Vectra Add Tag To Entity Selected Detections |
Vectra XDR |
1 |
1 |
| Vectra Assign Dynamic User To Entity |
Vectra XDR |
1 |
1 |
| Vectra Close Detections |
Vectra XDR |
1 |
0 |
| Vectra Decorate Incident Based On Tags And Notify |
Vectra XDR |
1 |
1 |
| Vectra Download Pcap File To Storage |
Vectra XDR |
1 |
0 |
| Vectra Dynamic Assign Member To Group |
Vectra XDR |
1 |
1 |
| Vectra Dynamic Resolve Assignment |
Vectra XDR |
1 |
2 |
| Vectra Mark Detections As Fixed |
Vectra XDR |
1 |
0 |
| Vectra Open Closed Detections |
Vectra XDR |
1 |
0 |
| Vectra Static Assign Member To Group |
Vectra XDR |
1 |
0 |
| Vectra Static Resolve Assignment |
Vectra XDR |
1 |
1 |
| Vectra Update Incident Based on Tag And Notify |
Vectra XDR |
1 |
1 |
| Watchlists - Inform Subscription Owner |
Watchlists Utilities |
1 |
1 |
| workflow |
SAP |
0 |
10 |
| workflow |
SAP |
0 |
6 |