<div><strong>We have established two important automated workflows using XSOAR and the Recorded Future Integration</strong>. <br><br>1. We created a custom SOAR playbook using the Identity Intelligence module. This playbook takes the information of compromised corporate user accounts, runs an Active Directory check for the credentials, clears user sessions and resets the password if the account is found to be compromised. It also notifies the user's manager for email response. To date, we have processed over 330 different identity alerts. <br><br>2. We rely on Recorded Future's Risk lists to bring IoCs (Hash, Domain, URL, IPs) into our TIP. These indicators are then processed in our enrichment playbook to search for them in our environment. Our risk score assignments fetch any indicators with a combined threat score of 80 in Recorded Future, and compare them with other intelligence sources to calculate a fully weighted score. Once an indicator is determined to be malicious, it is automatically added to our EDL for ingestion. We average roughly 350,000 indicators per week and 100-200 entries added to the EDL for block enforcement.</div>
This is verified customer evidence about Recorded Future, independently collected and published by UserEvidence as part of an ongoing customer research program. A verified customer testimonial: "<div><strong>We have established two important automated workflows using XSOAR and the Recorded Future Integration</strong>. <br><br>1. We created a custom SOAR playbook using the Identity Intelligence module.…" — Lead Cyber Defense Engineer at 7-Eleven in Consumer…
- Account
- Recorded Future
- Verified
- July 23, 2024
- Responses
- 2,436
- Identifier
- 2701BQGV