Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Recorded Future For Splunk SOAR app icon

Recorded Future For Splunk SOAR

Enhance your security posture with Recorded Future for Splunk SOAR. Key Capabilities: •Swift Threat Assessments: Access Recorded Future's extensive IOC data for swift and accurate assessments

Built by
soar product badge
Latest Version 4.5.0
June 18, 2025
Compatibility
SOAR On-Prem, SOAR Cloud
Platform Version: 8.4, 8.0, 7.1, 7.0, 6.4, 6.3
Rating

0

(0)

Log in to rate this app
Support
Recorded Future For Splunk SOAR support icon
Developer Supported connector
Ranking

#20

in Reputation

#23

in Threat Intel
Enhance your security posture with Recorded Future for Splunk SOAR. Key Capabilities: •Swift Threat Assessments: Access Recorded Future's extensive IOC data for swift and accurate assessments

Supported Actions

  • test connectivity: Validate the asset configuration for connectivity
  • alert update: Update status and/or notes for the alert specified with alert_id
  • alert search: Get details on alerts configured and generated by Recorded Future by alert rule ID and time range
  • alert lookup: Get details on an alert
  • alert rule search: Search for alert rule IDs by name
  • url intelligence: Get threat intelligence for a URL
  • url reputation: Get a quick indicator of the risk associated with a URL
  • vulnerability intelligence: Get threat intelligence for a vulnerability
  • vulnerability reputation: Get a quick indicator of the risk associated with a vulnerability
  • file intelligence: Get threat intelligence for a file identified by its hash
  • file reputation: Get a quick indicator of the risk associated with a file identified by its hash
  • domain intelligence: Get threat intelligence for a domain
  • domain reputation: Get a quick indicator of the risk associated with a domain
  • ip intelligence: Get threat intelligence for an IP address
  • list search: Find lists based on a query
  • create list: Create new list
  • list add entity: Add new entity to list
  • list remove entity: Remove entity from list
  • list details: Get list details
  • list status: Get list status info
  • list entities: Get list entities
  • ip reputation: Get a quick indicator of the risk associated with an IP address
  • threat assessment: Get an indicator of the risk for a collection of entities based on context
  • list contexts: Get a list of possible contexts to use in threat assessment
  • playbook alerts search: Search Playbook alerts
  • playbook alert update: Update Playbook alert
  • playbook alert details: Get Playbook alert details
  • entity search: Find entities based on a query
  • links search: Search for links data
  • detection rule search: Search for detection rule
  • threat actor intelligence: Get threat actor intelligence
  • threat map: Get threat map
  • collective insights submit: Enables contribute data, `collective insights`, into the Recorded Future Intelligence Cloud
  • on poll: Ingest alerts from Recorded Future

Categories

Reputation, Threat Intel

Created By

SOAR Community

Source Code

GitHub(Opens new window)

Type

connector

Downloads

1,729

Licensing

Splunk General Terms(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing