Skip to main content

Incident Postprocessing - Group-IB Threat Intelligence & Attribution

This Playbook is part of the Group-IB Threat Intelligence Pack.#

Supported versions

Available on Cortex XSOAR (versions 6.0.0 and later) and Cortex XSIAM.

Obtains additional information on the threat actor involved in the incident and associates related indicators to the incident.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

This playbook does not use any sub-playbooks.

Integrations#

  • Group-IB Threat Intelligence

Scripts#

This playbook does not use any scripts.

Commands#

  • gibtia-get-threat-actor-info
  • gibtia-get-threat-info
  • associateIndicatorsToIncident

Playbook Inputs#

There are no inputs for this playbook.

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

Incident Postprocessing - Group-IB Threat Intelligence

Edit this page
Report an Issue