Supported Cortex XSOAR versions: 6.0.0 and later.
Active Directory Investigation playbook provides tools and guidance to investigate changes and manipulation in Active Directory containers, ACLs, Schema, and objects. This playbook uses a 3rd party tool provided by Microsoft to scan the Active Directory access list, trees, and objects. Additional investigative information is provided for manual investigation.
This playbook uses the following sub-playbooks, integrations, and scripts.
This playbook does not use any sub-playbooks.
This playbook does not use any scripts.
There are no inputs for this playbook.
There are no outputs for this playbook.