Supported Cortex XSOAR versions: 6.0.0 and later.
When combined with ‘SlashNext Abuse Management Protection’, this playbook fully automates the identification and remediation of phishing emails found in Microsoft 365 user inboxes. Using the indicators of compromise, URL, domain, and IP, found in the original email, it searches and remediates other emails containing the same IOCs.
This playbook uses the following sub-playbooks, integrations, and scripts.
- Abuse Inbox Management Protection
- EWS Mail Sender
- EWS v2
This playbook does not use any scripts.
There are no inputs for this playbook.
There are no outputs for this playbook.