Skip to main content
All CollectionsTemplatesBasic
Upload Latest Recorded Future IOCs to Cybereason - Workflow Template
Upload Latest Recorded Future IOCs to Cybereason - Workflow Template

Pull latest Hashes, IPs and Domains above a specific risk score from Recorded Future and add to the Cybereason reputation list.

Updated over 6 months ago

Enhance your security posture by integrating Recorded Future's threat intelligence with Cybereason's EDR capabilities using our workflow template. Automatically pull high-risk hashes, domains, and IP addresses from Recorded Future and update Cybereason's reputation list to ensure immediate detection and response to emerging threats. Configure expiration parameters to maintain a timely and relevant defense structure.

Take Me to the Template

Optional Triggers

Webhook,Slack,"Microsoft Teams"

Use Cases

Endpoint Detection and Response (EDR) , Threat Intelligence Enrichment

Workflow Breakdown

  1. Pull latest IOC's from Recorded Future

  2. Add high risk score Hashes, Domains and IP addresses to Cybereason

  3. Set an expiration for the IOC on Cybereason based on time interval set in the Workflow Variables step

Vendors

Utils, HTTP, Cybereason, Recorded Future

Workflow Output

Updated IOCs added to the Cybereason reputation list

Related Articles
Enrich New Cybereason MalOps File Hash Detail - Workflow Template
Upload New Threat Intelligence IOCs to Cybereason - Workflow Template
Advanced Upload of the Latest Recorded Future IOCs to Cybereason - Workflow Template
Enrich Hashes, CVEs and IP Addresses with Recorded Future - Workflow Template
Recorded Future - File Hash Enrichment with Cache - Workflow Template
Did this answer your question?