AD_LDAP_Account_Locking.json
AD_LDAP_Account_Locking.png
AD_LDAP_Account_Locking.py
AD_LDAP_Account_Locking.yml
AD_LDAP_Account_Unlocking.json
AD_LDAP_Account_Unlocking.png
AD_LDAP_Account_Unlocking.py
AD_LDAP_Account_Unlocking.yml
AD_LDAP_Entity_Attribute_Lookup.json
AD_LDAP_Entity_Attribute_Lookup.png
AD_LDAP_Entity_Attribute_Lookup.py
AD_LDAP_Entity_Attribute_Lookup.yml
AWS_IAM_Account_Locking.json
AWS_IAM_Account_Locking.png
AWS_IAM_Account_Locking.py
AWS_IAM_Account_Locking.yml
AWS_IAM_Account_Unlocking.json
AWS_IAM_Account_Unlocking.png
AWS_IAM_Account_Unlocking.py
AWS_IAM_Account_Unlocking.yml
Active_Directory_Disable_Account_Dispatch.json
Active_Directory_Disable_Account_Dispatch.png
Active_Directory_Disable_Account_Dispatch.py
Active_Directory_Disable_Account_Dispatch.yml
Active_Directory_Enable_Account_Dispatch.json
Active_Directory_Enable_Account_Dispatch.png
Active_Directory_Enable_Account_Dispatch.py
Active_Directory_Enable_Account_Dispatch.yml
Attribute_Lookup_Dispatch.json
Attribute_Lookup_Dispatch.png
Attribute_Lookup_Dispatch.py
Attribute_Lookup_Dispatch.yml
Automated_Enrichment.json
Azure_AD_Account_Locking.json
Azure_AD_Account_Locking.png
Azure_AD_Account_Locking.py
Azure_AD_Account_Locking.yml
Azure_AD_Account_Unlocking.json
Azure_AD_Account_Unlocking.png
Azure_AD_Account_Unlocking.py
Azure_AD_Account_Unlocking.yml
Azure_AD_Graph_User_Attribute_Lookup.json
Azure_AD_Graph_User_Attribute_Lookup.png
Azure_AD_Graph_User_Attribute_Lookup.py
Azure_AD_Graph_User_Attribute_Lookup.yml
Cisco_Umbrella_DNS_Denylisting.json
Cisco_Umbrella_DNS_Denylisting.png
Cisco_Umbrella_DNS_Denylisting.py
Cisco_Umbrella_DNS_Denylisting.yml
CrowdStrike_OAuth_API_Device_Attribute_Lookup.json
CrowdStrike_OAuth_API_Device_Attribute_Lookup.png
CrowdStrike_OAuth_API_Device_Attribute_Lookup.py
CrowdStrike_OAuth_API_Device_Attribute_Lookup.yml
CrowdStrike_OAuth_API_Dynamic_Analysis.json
CrowdStrike_OAuth_API_Dynamic_Analysis.png
CrowdStrike_OAuth_API_Dynamic_Analysis.py
CrowdStrike_OAuth_API_Dynamic_Analysis.yml
CrowdStrike_OAuth_API_Identifier_Activity_Analysis.json
CrowdStrike_OAuth_API_Identifier_Activity_Analysis.png
CrowdStrike_OAuth_API_Identifier_Activity_Analysis.py
CrowdStrike_OAuth_API_Identifier_Activity_Analysis.yml
DNS_Denylisting_Dispatch.json
DNS_Denylisting_Dispatch.png
DNS_Denylisting_Dispatch.py
DNS_Denylisting_Dispatch.yml
Dynamic_Analysis_Dispatch.json
Dynamic_Analysis_Dispatch.png
Dynamic_Analysis_Dispatch.py
Dynamic_Analysis_Dispatch.yml
G_Suite_for_GMail_Message_Identifier_Activity_Analysis.json
G_Suite_for_GMail_Message_Identifier_Activity_Analysis.png
G_Suite_for_GMail_Message_Identifier_Activity_Analysis.py
G_Suite_for_GMail_Message_Identifier_Activity_Analysis.yml
Identifier_Activity_Analysis_Dispatch.json
Identifier_Activity_Analysis_Dispatch.png
Identifier_Activity_Analysis_Dispatch.py
Identifier_Activity_Analysis_Dispatch.yml
Identifier_Reputation_Analysis_Dispatch.json
Identifier_Reputation_Analysis_Dispatch.png
Identifier_Reputation_Analysis_Dispatch.py
Identifier_Reputation_Analysis_Dispatch.yml
Jira_Related_Tickets_Search.json
Jira_Related_Tickets_Search.png
Jira_Related_Tickets_Search.py
Jira_Related_Tickets_Search.yml
Panorama_Outbound_Traffic_Filtering.json
Panorama_Outbound_Traffic_Filtering.png
Panorama_Outbound_Traffic_Filtering.py
Panorama_Outbound_Traffic_Filtering.yml
PhishTank_URL_Reputation_Analysis.json
PhishTank_URL_Reputation_Analysis.png
PhishTank_URL_Reputation_Analysis.py
PhishTank_URL_Reputation_Analysis.yml
Related_Tickets_Search_Dispatch.json
Related_Tickets_Search_Dispatch.png
Related_Tickets_Search_Dispatch.py
Related_Tickets_Search_Dispatch.yml
ServiceNow_Related_Tickets_Search.json
ServiceNow_Related_Tickets_Search.png
ServiceNow_Related_Tickets_Search.py
ServiceNow_Related_Tickets_Search.yml
Splunk_Attack_Analyzer_Dynamic_Analysis.json
Splunk_Attack_Analyzer_Dynamic_Analysis.png
Splunk_Attack_Analyzer_Dynamic_Analysis.py
Splunk_Attack_Analyzer_Dynamic_Analysis.yml
Splunk_Identifier_Activity_Analysis.json
Splunk_Identifier_Activity_Analysis.png
Splunk_Identifier_Activity_Analysis.py
Splunk_Identifier_Activity_Analysis.yml
Splunk_Message_Identifier_Activity_Analysis.json
Splunk_Message_Identifier_Activity_Analysis.png
Splunk_Message_Identifier_Activity_Analysis.py
Splunk_Message_Identifier_Activity_Analysis.yml
Splunk_Notable_Related_Tickets_Search.json
Splunk_Notable_Related_Tickets_Search.png
Splunk_Notable_Related_Tickets_Search.py
Splunk_Notable_Related_Tickets_Search.yml
URL_Outbound_Traffic_Filtering_Dispatch.json
URL_Outbound_Traffic_Filtering_Dispatch.png
URL_Outbound_Traffic_Filtering_Dispatch.py
URL_Outbound_Traffic_Filtering_Dispatch.yml
UrlScan_IO_Dynamic_Analysis.json
UrlScan_IO_Dynamic_Analysis.png
UrlScan_IO_Dynamic_Analysis.py
UrlScan_IO_Dynamic_Analysis.yml
VirusTotal_v3_Dynamic_Analysis.json
VirusTotal_v3_Dynamic_Analysis.png
VirusTotal_v3_Dynamic_Analysis.py
VirusTotal_v3_Dynamic_Analysis.yml
VirusTotal_v3_Identifier_Reputation_Analysis.json
VirusTotal_v3_Identifier_Reputation_Analysis.png
VirusTotal_v3_Identifier_Reputation_Analysis.py
VirusTotal_v3_Identifier_Reputation_Analysis.yml
Windows_Defender_ATP_Identifier_Activity_Analysis.json
Windows_Defender_ATP_Identifier_Activity_Analysis.png
Windows_Defender_ATP_Identifier_Activity_Analysis.py
Windows_Defender_ATP_Identifier_Activity_Analysis.yml
Zscaler_Outbound_Traffic_Filtering.json
Zscaler_Outbound_Traffic_Filtering.png
Zscaler_Outbound_Traffic_Filtering.py
Zscaler_Outbound_Traffic_Filtering.yml
activedirectory_reset_password.json
activedirectory_reset_password.png
activedirectory_reset_password.py
activedirectory_reset_password.yml
aws_disable_user_accounts.json
aws_disable_user_accounts.png
aws_disable_user_accounts.py
aws_disable_user_accounts.yml
aws_find_inactive_users.json
aws_find_inactive_users.png
aws_find_inactive_users.py
aws_find_inactive_users.yml
crowdstrike_malware_triage.json
crowdstrike_malware_triage.png
crowdstrike_malware_triage.py
crowdstrike_malware_triage.yml
delete_detected_files.json
delete_detected_files.png
delete_detected_files.yml
email_notification_for_malware.json
email_notification_for_malware.png
email_notification_for_malware.py
email_notification_for_malware.yml
internal_host_splunk_investigate_log4j.json
internal_host_splunk_investigate_log4j.png
internal_host_splunk_investigate_log4j.py
internal_host_splunk_investigate_log4j.yml
internal_host_ssh_investigate.json
internal_host_ssh_investigate.png
internal_host_ssh_investigate.py
internal_host_ssh_investigate.yml
internal_host_ssh_log4j_investigate.json
internal_host_ssh_log4j_investigate.png
internal_host_ssh_log4j_investigate.py
internal_host_ssh_log4j_investigate.yml
internal_host_ssh_log4j_respond.json
internal_host_ssh_log4j_respond.png
internal_host_ssh_log4j_respond.py
internal_host_ssh_log4j_respond.yml
internal_host_winrm_investigate.json
internal_host_winrm_investigate.png
internal_host_winrm_investigate.py
internal_host_winrm_investigate.yml
internal_host_winrm_log4j_investigate.json
internal_host_winrm_log4j_investigate.png
internal_host_winrm_log4j_investigate.py
internal_host_winrm_log4j_investigate.yml
internal_host_winrm_log4j_respond.json
internal_host_winrm_log4j_respond.png
internal_host_winrm_log4j_respond.py
internal_host_winrm_log4j_respond.yml
malware_hunt_and_contain.json
malware_hunt_and_contain.png
malware_hunt_and_contain.py
malware_hunt_and_contain.yml
ransomware_investigate_and_contain.json
ransomware_investigate_and_contain.png
ransomware_investigate_and_contain.py
ransomware_investigate_and_contain.yml
risk_notable_block_indicators.json
risk_notable_block_indicators.png
risk_notable_block_indicators.py
risk_notable_block_indicators.yml
risk_notable_import_data.json
risk_notable_import_data.png
risk_notable_import_data.py
risk_notable_import_data.yml
risk_notable_investigate.json
risk_notable_investigate.png
risk_notable_investigate.py
risk_notable_investigate.yml
risk_notable_merge_events.json
risk_notable_merge_events.png
risk_notable_merge_events.py
risk_notable_merge_events.yml
risk_notable_mitigate.json
risk_notable_mitigate.png
risk_notable_mitigate.yml
risk_notable_preprocess.json
risk_notable_preprocess.png
risk_notable_preprocess.py
risk_notable_preprocess.yml
risk_notable_protect_assets_and_users.json
risk_notable_protect_assets_and_users.png
risk_notable_protect_assets_and_users.py
risk_notable_protect_assets_and_users.yml
risk_notable_review_indicators.json
risk_notable_review_indicators.png
risk_notable_review_indicators.py
risk_notable_review_indicators.yml
risk_notable_verdict.json
threat_intel_investigate.json
threat_intel_investigate.png
threat_intel_investigate.py
threat_intel_investigate.yml
trustar_enrich_indicators.json
trustar_enrich_indicators.png
trustar_enrich_indicators.py
trustar_enrich_indicators.yml
security_content_automation
Folders and files Name Name Last commit message
Last commit date
parent directory
View all files
You can’t perform that action at this time.