Endpoint

Name SOAR App D3FEND Use Case
AD LDAP Account Locking AD LDAP Account Locking Phishing, Endpoint
AWS IAM Account Locking AWS IAM Account Locking Phishing, Endpoint
Active Directory Disable Account Dispatch AD LDAP, Azure AD Graph Account Locking Phishing, Endpoint
Azure AD Account Locking Azure AD Graph Account Locking Phishing, Endpoint
Cisco Umbrella DNS Denylisting Cisco Umbrella DNS Denylisting Phishing, Endpoint
CrowdStrike OAuth API Device Attribute Lookup CrowdStrike OAuth API   Enrichment, Endpoint
CrowdStrike OAuth API Dynamic Analysis CrowdStrike OAuth API Dynamic Analysis Enrichment, Phishing, Endpoint
CrowdStrike OAuth API Identifier Activity Analysis CrowdStrike OAuth API Identifier Activity Analysis Enrichment, Endpoint
DNS Denylisting Dispatch   DNS Denylisting Phishing, Endpoint
Dynamic Analysis Dispatch   Dynamic Analysis Enrichment, Phishing, Endpoint
Panorama Outbound Traffic Filtering Panorama   Phishing, Endpoint
Splunk Attack Analyzer Dynamic Analysis Splunk Attack Analyzer Connector for Splunk SOAR Dynamic Analysis Enrichment, Phishing, Endpoint
URL Outbound Traffic Filtering Dispatch     Phishing, Endpoint
UrlScan IO Dynamic Analysis urlscan.io Dynamic Analysis Enrichment, Phishing, Endpoint
VirusTotal V3 Dynamic Analysis VirusTotal v3 Dynamic Analysis Enrichment, Phishing, Endpoint
Windows Defender ATP Identifier Activity Analysis Windows Defender ATP Identifier Activity Analysis Enrichment, Endpoint
ZScaler Outbound Traffic Filtering Zscaler   Phishing, Endpoint