Skip to main content

Xpanse - Alert Enrichment

This Playbook is part of the Cortex Xpanse Pack.#

Supported versions

Available on Cortex XSOAR (versions 6.8.0 and later).

This playbook handles ASM alerts by enriching asset information via integrations with Cloud Service Providers and other IT and Security tools.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • Azure - Enrichment
  • GCP - Enrichment
  • AWS - Enrichment

Playbook Inputs#

| Name | Description | Default Value | Required | |---------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | --- | | Provider | The externally detected provider for the alert. | ${incident.xpanseprovider} | Required | | IP | The external IP address associated with the alert. | ${incident.xpanseip} | Required |

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

Xpanse - Alert Enrichment

Edit this page
Report an Issue