Disconnected
SOCaaSMdr
Go to MDRNew Support Request
SC

MDR Response Actions

Execute and monitor managed detection and response actions

Quick Actions

Recent Actions Log

Loading actions...
TimeActionTargetReasonStatusActor
Mar 1, 02:23 PMIsolate EndpointWS-FIN-042.corp.localCobalt Strike beacon detectedSuccessanalyst@threatops.io
Mar 1, 02:10 PMBlock IP185.220.101.34C2 callback trafficSuccessanalyst@threatops.io
Mar 1, 01:45 PMDisable Userjsmith@contoso.comCompromised credentials — dark web exposureSuccesssoc-lead@threatops.io
Mar 1, 12:30 PMQuarantine EmailMSG-9f8e7d6cPhishing — credential harvesting linkFailedanalyst@threatops.io
Mar 1, 11:15 AMBlock IP45.33.32.156Port scan activitySuccessauto-response
Mar 1, 10:00 AMIsolate EndpointSRV-DB-007.corp.localLateral movement detectedPendingsoc-lead@threatops.io

Response Metrics (24h)

23

Total Actions

4

Endpoints Isolated

12

IPs Blocked

3

Users Disabled

Service Health

Microsoft Defender
Connected (42ms)
Graph API
Connected (78ms)

Last checked: 02:25 PM