Skip to main content

ACTI Incident Enrichment

This Playbook is part of the Accenture CTI v2 Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

  • This playbook enriches Intelligence Alerts, Intelligence Reports, Malware Families, Threat Actors, Threat Groups & Threat Campaigns


This playbook uses the following sub-playbooks, integrations, and scripts.


This playbook does not use any sub-playbooks.


  • ACTI Indicator Query


This playbook does not use any scripts.


  • acti-get-fundamentals-by-uuid
  • acti-getThreatIntelReport

Playbook Inputs#

NameDescriptionDefault ValueRequired
ia_uuidIntelligence Alert unique ID.${intelligence_alerts}Optional
ir_uuidIntelligence Report unique ID.${intelligence_reports}Optional
MalwareFamily_uuidMalware Family unique ID.${acti_malware_family_uuid}Optional
ThreatGroup_uuidThreat Group unique ID.${acti_threat_groups_uuid}Optional
ThreatCampaign_uuidThreat Campaign unique ID.${acti_threat_campaigns_uuid}Optional
ThreatActor_uuidThreat Actor unique ID.${acti_threat_actors_uuid}Optional

Playbook Image#

ACTI Incident Enrichment