Contents x
      Azure Active Directory 1.0.7
      • 06 Apr 2025
      • 1 Minute to read
      • Dark
        Light
      • PDF
      Contents

      Azure Active Directory 1.0.7

      • Updated on 06 Apr 2025
      • 1 Minute to read
      • Dark
        Light
      • PDF
      Article summary

      Azure Active Directory - 1.0.7

      tags: Python | Enrichment | Identity and Access Management

      Table of Contents

      Description

      Integration with Azure Active Directory supports CDC users by providing enrichments for specific users, members, devices, and domains via REST API. This enables CDC users to make informed decisions regarding incident response.

      Azure Active Directory is Microsoft’s identity and access management solution. It combines easy single sign-on to any cloud and on-premises application. It gives users a single identity to access the applications they want and collaborate from any platform and device. Azure Active Directory protects identities and streamlines IT processes. It is a universal identity platform that lets you securely engage with internal and external resources.

      CyberProof has created actions to add, update, delete, and get details of a user, group of users, device, or domain - so that a CDC user can perform these actions on Azure Active Directory to get the required information on CDC. Custom adaptive cards are extensively used to display the enriched information on CDC. This integration enables us to perform automated tasks regarding Azure Active Directory management, if required.

      Integration Type:Enrichment
      Information Enriched:Identity & access of User, Group of users, Device, Domain etc.
      API Supported:API v1.0
      Input:User/Member/Device/Domain to be enriched
      Output:Details enriched information about User/Member/Device/Domain provided in Input

      CDC Command Lines

      • get_device_cli
        The CLI of the CDC, of get-device in the CDC message thread.
      OptionTypeDescriptionRequired
      device_idstringThe device ID from Active Directory.True
      • get_group_cli
        The CLI of the CDC, of get-group in the CDC message thread.
      OptionTypeDescriptionRequired
      group_idstringGroup ID from Azure Active Directory.True
      • user_ex_cli
        The CLI of the CDC, of user_ex_formatter in the CDC message thread.
      OptionTypeDescriptionRequired
      userstringThe user ID/principal name from Active Directory.True

      Workflows

      • post_get_device
        Post formatted-get-device in the CDC by ID of incident/message/channel.

      • post_get_group
        Post formatted-get-group in the CDC by ID of incident/message/channel.

      • post_user_ex
        Post user_ex_formatter in the CDC by ID of incident/message/channel.

      • user_ex_formatter
        Formats the information from Azure Active Directory about a user.

      Rules

      No rules

      Sensors

      No sensors

      Triggers

      No triggers

      Known Issues

      No known issues

      Was this article helpful?
      What's Next