Skip to main content

Block File - Generic v2

This Playbook is part of the Common Playbooks Pack.#

This playbook is used to block files from running on endpoints. This playbook supports the following integrations:

  • Palo Alto Networks Traps
  • Palo Alto Networks Cortex XDR
  • Cybereason
  • Carbon Black Enterprise Response
  • Cylance Protect v2

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • Cortex XDR - Block File
  • Block File - Cybereason
  • Block File - Carbon Black Response
  • Block File - Cylance Protect v2

Integrations#

This playbook does not use any integrations.

Scripts#

This playbook does not use any scripts.

Commands#

This playbook does not use any commands.

Playbook Inputs#


NameDescriptionDefault ValueRequired
MD5The MD5 hash of the file you want to block.File.MD5Optional
SHA256The SHA256 hash of the file you want to block.File.SHA256Optional
HashIn this input you can insert either MD5 or SHA256 that you wish to block.Optional

Playbook Outputs#


PathDescriptionType
CbResponse.BlockedHashes.LastBlock.TimeLast block timeunknown
CbResponse.BlockedHashes.LastBlock.HostnameLast block hostnameunknown
CbResponse.BlockedHashes.LastBlock.CbSensorIDLast block sensor IDunknown

Playbook Image#


Block File - Generic v2