| AD LDAP Account Unlocking |
AD LDAP |
|
|
| AWS Disable User Accounts |
AWS IAM |
|
|
| AWS IAM Account Unlocking |
AWS IAM |
|
|
| Active Directory Enable Account Dispatch |
microsoft_ad_ldap, azure_ad_graph, aws_iam |
|
|
| Active Directory Reset password |
AD LDAP |
|
|
| Azure AD Account Unlocking |
Azure AD Graph |
|
|
| Block Indicators |
Palo Alto Networks Firewall, Carbon Black Response, Cisco Umbrella |
|
|
| Cisco Umbrella DNS Denylisting |
Cisco Umbrella |
DNS Denylisting |
Phishing, Endpoint |
| Crowdstrike Malware Triage |
CrowdStrike OAuth API |
|
|
| DNS Denylisting Dispatch |
|
DNS Denylisting |
Phishing, Endpoint |
| Delete Detected Files |
Windows Remote Management |
|
|
| Email Notification for Malware |
VirusTotal, WildFire, Carbon Black Response, SMTP |
|
|
| Internal Host SSH Log4j Response |
SSH |
|
|
| Internal Host WinRM Response |
Windows Remote Management |
|
|
| Log4j Respond |
|
|
|
| Malware Hunt and Contain |
LDAP, ServiceNow, Carbon Black Response, VirusTotal |
|
|
| Panorama Outbound Traffic Filtering |
Panorama |
|
Phishing, Endpoint |
| Ransomware Investigate and Contain |
Carbon Black Response, LDAP, Palo Alto Networks Firewall, WildFire, Cylance |
|
|
| Risk Notable Block Indicators |
|
|
|
| Risk Notable Mitigate |
|
|
|
| Risk Notable Protect Assets and Users |
|
|
|
| Risk Notable Review Indicators |
|
|
|
| Risk Notable Verdict |
|
|
|
| URL Outbound Traffic Filtering Dispatch |
|
|
Phishing, Endpoint |
| ZScaler Outbound Traffic Filtering |
Zscaler |
|
Phishing, Endpoint |