This application is also available in Italian

The Solution provides two main use cases:

• Get Indicators: Playbooks that automate the ingestion of Joshua Cyberiskvision threat indicators into the ThreatIntelligenceIndicator table of Microsoft Sentinel workspace. This operation can be triggered on a defined schedule and allows correlation between the indicators of the two platforms. This data contains malicious domains, URLs, IPs, file hashes and phishing e-mail addresses.
• Alert Enrichment: Playbooks that use the Joshua Cyberiskvision threat intelligence to automatically or manually enrich incidents generated by Microsoft Sentinel. From the analyst perspective, it is important that the alert contains essential information and therefore the ability to include custom details in the alert will improve the efficiency of investigation. Through this integration, the analyst can enrich incidents with further information. Enriched data will be added in Microsoft Sentinel incident comments.