Skip to main content

Proactive Threat Hunting - Entity Enrichment

This Playbook is part of the Proactive Threat Hunting Pack.#

Supported versions

Available on Cortex XSOAR (versions 6.9.0 and later).

This playbook will be executed from the "Proactive Threat Hunting" layout button with the objective of enriching information on hosts and users specified by the analyst.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • Account Enrichment - Generic v2.1

Integrations#

This playbook does not use any integrations.

Scripts#

  • Print
  • Set
  • DeleteContext
  • JsonToTable

Commands#

  • endpoint
  • xdr-get-alerts
  • setIncident

Playbook Inputs#

There are no inputs for this playbook.

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

Proactive Threat Hunting - Entity Enrichment

Edit this page
Report an Issue