Introduction
The Recorded Future for Microsoft Sentinel integration provides context and empowers analysts to identify and triage alerts faster, proactively block threats, and reduce time spent on false positives to improve analyst efficiency.
Prerequisites
1. Recorded Future API Token
Installation
The recommended way of installing the solution is via Microsoft Sentinel Content Hub, as it will provide templates for Playbooks, Workbooks and Analytic Rules.
1. Locate the Recorded Future Intelligence in Microsoft Sentinel Content Hub.
2. Press Install and continue to configure the solution.
3. When installing playbooks from templates, read the description and look for dependencies that have to be installed.
Note: Some playbooks are not included in the Content Hub Solution and can be installed from this link. It is stated in the description of each playbook as 'Included in Solution: Yes/No'. Playbooks not included in the Content Hub installation are provided as previews or examples of how to automate use cases.
Please refer to the installation guide for any additional details.
Support
Please reach out to Recorded Future Support at support@recordedfuture.com for further queries and assistance needed during the installation process.