Windows Forensics Pack.#This Playbook is part of the
Supported Cortex XSOAR versions: 6.0.0 and later.
This playbook enables gathering forensic data from a host and analyzing the acquired data by using the relevant forensics automations.
This playbook uses the following sub-playbooks, integrations, and scripts.
- Forensics Tools Analysis
- PS-Remote Acquire Host Forensics
This playbook does not use any integrations.
This playbook does not use any scripts.
This playbook does not use any commands.
|Host||A single hostname or IP address from which to acquire the forensic data. For example, testpc01.||Optional|
There are no outputs for this playbook.