Simple Response Configuration Guide
Simple responses support automation of common security activities. For instructions on how to configure a specific response, click a link in the Simple Response column. For more information about simple responses, see Get Started with Simple Responses.
|Alert Logic WAF: Block External IP Address||Block the IP address of an attacker with the Alert Logic web application firewall (WAF).|
|AWS WAF IP Set: Block External IP Address||Add the attacker IP address to an AWS WAF (web application firewall) IP set that controls access to a protected Amazon CloudFront distribution or regional application.|
|AWS IAM: Disable User||Disable the Amazon Web Services (AWS) IAM access key of a user that is the victim of an attack.|
|Microsoft Azure Active Directory: Disable User||Disable the Microsoft Azure AD account of an Azure AD or Office 365 user that is the victim of an attack.|
|Microsoft Defender for Endpoint: Isolate Host||Isolate the host of a user that is the victim of an attack with Microsoft Defender for Endpoint.|
|SentinelOne: Isolate Host||Isolate the host of a user that is the victim of an attack with SentinelOne.|