MDR Response Actions
Execute and monitor managed detection and response actions
Quick Actions
Recent Actions Log
| Time | Action | Target | Reason | Status | Actor |
|---|---|---|---|---|---|
| Mar 1, 02:23 PM | Isolate Endpoint | WS-FIN-042.corp.local | Cobalt Strike beacon detected | Success | analyst@threatops.io |
| Mar 1, 02:10 PM | Block IP | 185.220.101.34 | C2 callback traffic | Success | analyst@threatops.io |
| Mar 1, 01:45 PM | Disable User | jsmith@contoso.com | Compromised credentials — dark web exposure | Success | soc-lead@threatops.io |
| Mar 1, 12:30 PM | Quarantine Email | MSG-9f8e7d6c | Phishing — credential harvesting link | Failed | analyst@threatops.io |
| Mar 1, 11:15 AM | Block IP | 45.33.32.156 | Port scan activity | Success | auto-response |
| Mar 1, 10:00 AM | Isolate Endpoint | SRV-DB-007.corp.local | Lateral movement detected | Pending | soc-lead@threatops.io |
Response Metrics (24h)
Total Actions: 23
Endpoints Isolated: 4
IPs Blocked: 12
Users Disabled: 3
Service Health
Microsoft Defender: Connected (42ms)
Graph API: Connected (78ms)
Last checked: 02:25 PM