TacitRed Defender Threat Intelligence

by Data443

TacitRed Defender Threat Intelligence solution for Microsoft Sentinel with automated credential IOC

The TacitRed Defender Threat Intelligence solution integrates TacitRed's threat intelligence feed with Microsoft Sentinel. It automatically retrieves compromised credentials and other threat indicators from TacitRed and ingests them into Microsoft Sentinel using the Upload API for enhanced threat detection.

This solution includes:
- Azure Function App for automated data retrieval from TacitRed
- Logic App playbook for syncing compromised credential IOCs to Microsoft Defender Threat Intelligence
- Automated threat indicator ingestion into Microsoft Sentinel

Prerequisites:
- Microsoft Sentinel workspace
- TacitRed API credentials
- Microsoft Defender Threat Intelligence access
