Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
Recorded Future For Splunk SOAR app icon

Recorded Future For Splunk SOAR

Enhance your security posture with Recorded Future for Splunk SOAR. Key Capabilities: •Swift Threat Assessments: Access Recorded Future's extensive IOC data for swift and accurate assessments

Built by SOAR Community
soar product badge
Compatibility
Not Available
Platform Version: 6.4, 6.3
Rating

0

(0)

Log in to rate this app
Ranking

#17

in Threat Intel

#20

in Reputation
Enhance your security posture with Recorded Future for Splunk SOAR. Key Capabilities: •Swift Threat Assessments: Access Recorded Future's extensive IOC data for swift and accurate assessments

Supported Actions

  • test connectivity: Validate the asset configuration for connectivity
  • alert update: Update status and/or notes for the alert specified with alert_id
  • alert search: Get details on alerts configured and generated by Recorded Future by alert rule ID and time range
  • alert lookup: Get details on an alert
  • alert rule search: Search for alert rule IDs by name
  • url intelligence: Get threat intelligence for a URL
  • url reputation: Get a quick indicator of the risk associated with a URL
  • vulnerability intelligence: Get threat intelligence for a vulnerability
  • vulnerability reputation: Get a quick indicator of the risk associated with a vulnerability
  • file intelligence: Get threat intelligence for a file identified by its hash
  • file reputation: Get a quick indicator of the risk associated with a file identified by its hash
  • domain intelligence: Get threat intelligence for a domain
  • domain reputation: Get a quick indicator of the risk associated with a domain
  • ip intelligence: Get threat intelligence for an IP address
  • list search: Find lists based on a query
  • create list: Create new list
  • list add entity: Add new entity to list
  • list remove entity: Remove entity from list
  • list details: Get list details
  • list status: Get list status info
  • list entities: Get list entities
  • ip reputation: Get a quick indicator of the risk associated with an IP address
  • threat assessment: Get an indicator of the risk for a collection of entities based on context
  • list contexts: Get a list of possible contexts to use in threat assessment
  • playbook alerts search: Search Playbook alerts
  • playbook alert update: Update Playbook alert
  • playbook alert details: Get Playbook alert details
  • entity search: Find entities based on a query
  • links search: Search for links data
  • detection rule search: Search for detection rule
  • threat actor intelligence: Get threat actor intelligence
  • threat map: Get threat map
  • collective insights submit: Enables contribute data, `collective insights`, into the Recorded Future Intelligence Cloud
  • on poll: Ingest alerts from Recorded Future

Categories

Created By

SOAR Community

Source Code

Type

connector

Downloads

1,533

Licensing

Splunk Answers

Resources

Login to report this app listing
OSZAR »