Monitor Panther alerts & remediate SSH brute force attacks

This Story receives a Panther alert and checks if it is an SSH brute force attack, enriching it via Panther and AbuseIPDB. Then, it blocks it in AWS ACLs, creates a Jira ticket, and sends a Slack message to a channel.

Panther Alerts Remediate Intermediate Enrich GraphQL

Get started with this Story

Was this helpful?