Threat Lookup - Have I been pwned? flow
The Threat Lookup - Have I been pwned? flow performs a lookup on selected observables. If the observables are of a type recognized by Have I been pwned?, the observables are scanned for malware, and the results are returned.
Role required: sn_si_admin
This flow is triggered by the Security Operations Integration - Threat Lookup capability when you perform a threat lookup on one or more observables, and the Have I been pwned? implementation is selected. For more information, see Perform lookups on observables.
For information, see Common Security Operations integration flows and orchestration activities.