03-13-2024 12:42 PM
hello everyone,
I was reviewing the user investigation - generic playbook for a bit, I would like to have your support by explaining to me what types of uses this playbook could be applied to and if anyone of you already has it implemented.
Thank you all
03-18-2024 01:52 AM
Hi @SOAR-ADMIN ,
you can find the details about the playbook on the below page.
https://xsoar.pan.dev/docs/reference/playbooks/user-investigation---generic
If you want to check which playbooks use it as a sub-playbook, there are some examples below:
Cortex XDR - Large Upload
Possible External RDP Brute-Force
Cortex XDR - Port Scan
Cortex XDR - First SSO Access
Cortex XDR - Possible External RDP Brute-Force
DLP Incident Feedback Loop
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
