Recorded Future Classic Alert

This rule is part of a beta feature. To learn more, contact Support.
recorded-future

Classification:

attack

Goal

Surface Recorded Future Classic Alerts as Datadog security signals for centralized triage and response.

Strategy

This rule ingests Recorded Future Classic Alert events (source: recorded-future, service: classic-alerts) and converts them directly into security signals.

Triage & Response

  1. Review the signal details, including the Recorded Future rule name {{@rule.name}} that triggered the alert.
  2. If needed, open the corresponding alert in the Recorded Future portal for further context.
  3. Investigate the alert for potential impact to your enterprise.
  4. If the alert is relevant to your organization, initiate the appropriate response workflow (domain takedown, patch management, threat hunting, network blocking, etc.).