SafeBreach: Getting Started

Table of Contents

Introduction

SafeBreach works with Recorded Future to ingest contextual threat intelligence and match existing Hacker’s Playbook attacks with the indicators of compromise (IOCs) and techniques, tactics, and procedures (TTPs) of the threat actors shown on Recorded Future’s Threat Map. You can also use SafeBreach to create customized attacks based on any relevant IOCs and TTPs provided by Recorded Future that suit your organization’s needs. This enables you to effectively evaluate your current security control performance against the ever-changing threat landscape. 

Partner Website: https://www.safebreach.com/

Prerequisites

  • Recorded Future Connect API Token

Installation Steps

  1. In the main menu, click Environment > Integrations.
  2. Select Recorded Future. The Add Recorded Future integration page is displayed.
  3. Fill in the form with the following parameters: 
    • Name - A meaningful name for the Integration. 
    • Authentication Token - The generated API token from Recorded Future. 
    • Threat Last Modified - Defines the indicators to include based on when they were last modified - within the specified time period.
  4. View and Generate the Attacks in Threat Intelligence.
    SafeBreach can now generate dedicated attacks based on the Recorded Future’s threat intelligence. Follow these steps to access threats:
    • From the main menu in SafeBreach, click ATTACK > Threat Intelligence.

Support

For integration support, please contact support@safebreach.com.

 

This content is confidential. Do not distribute or download content in a manner that violates your Recorded Future license agreement. Sharing this content outside of licensed Recorded Future users constitutes a breach of the terms and/or agreement and shall be considered a breach by your organization.
Was this article helpful?
1 out of 1 found this helpful

Articles in this section

See more