Together, Recorded Future and Tines combine threat intelligence with powerful automation enabling your team to work smarter and more efficiently. Recorded Future threat intelligence enriches alerts with actionable context through a Tines automation. By the time an alert reaches your team, it includes in-depth information allowing you to respond to the threat faster and with greater confidence.
Key benefits
Eliminate manual aggregation, correlation & triaging
Gain greater context on reported breaches
Accelerate the time to remediation
Use case examples
Example 1
Add known exploited vulnerabilities to Recorded Future
Gather vulnerabilities from the CISA Known Exploited Vulnerabilities Feed and send the CVEs to the Recorded Future Vulnerability Watchlist.
Tools
Example 2
Create Sublime Security rules using Recorded Future threat intel
Use threat intelligence from Recorded Future to create detection rules in Sublime Security Get threat intelligence information from Recorded Future and create detection rules within Sublime Security to alert on new messages that match Recorded Future's threat actor indicators.
Example 3
Enrich a list of CVEs using Recorded Future via a form
Enrich a list of CVEs uploaded as a CSV file via a Tines form. For each CVE in the file, retrieve detailed risk analysis data from Recorded Future. A new CSV containing the enriched CVE data is then generated and sent to the recipient. This Story leverages Recorded Future's Vulnerability Intelligence module.
Tools
Created by
Derek Wohlfahrt
Example 4
Analyze phishing emails with Recorded Future
Analyze key aspects of phishing emails, including the sender domain, URL, leaked credentials, and any attachments, using enrichment and analysis from Recorded Future. Receive results via email and add them to your case management system if needed.
Tools
Example 5
Fetch rule results from Recorded Future Attack Surface Intelligence & open ServiceNow tickets
This Story automatically fetches results from Recorded Future Attack Surface Intelligence (ASI) module from SecurityTrails Risk Rules. The initial Slack alert will summarize the number of exposed risks by category and provide an option to open ServiceNow tickets. This Story corresponds to Recorded Future's ASI module.
Tools
Created by
Rosie Halpin and Aaron Sandow
Example 6
Send an IOC to Recorded Future for Analysis
This Story allows you to send a hash, IP, or domain to Recorded Future and returns a criticality level, summary, score, and link to Recorded Future. This Story corresponds to Recorded Future's SecOps and Threat Intel module.
