This rule is part of a beta feature. To learn more, contact Support.
recorded-future

Classification:

attack


Goal

Surface Recorded Future Classic Alerts as Datadog security signals for centralized triage and response.

Strategy

This rule ingests Recorded Future Classic Alert events (source: recorded-future, service: classic-alerts) and converts them directly into security signals.

Triage & Response

  1. Review the signal details, including the Recorded Future rule name {{@rule.name}} that triggered the alert.
  2. If needed, open the corresponding alert in the Recorded Future portal for further context.
  3. Investigate the alert for potential impact to your enterprise.
  4. If the alert is relevant to your organization, initiate the appropriate response workflow (domain takedown, patch management, threat hunting, network blocking, etc.).