Skip to main content

Code42 Security Alert

This Playbook is part of the Code42 Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.8.0 and later.

Retrieves Incydr alert details, assigns the alert to an analyst, and gathers employee and supervisor data from Active Directory, if applicable. Note: this playbook can be used as an alternate default to "Code42 Exfiltration Playbook" when the Code42 Incydr integration is set to "Fetch Incidents".


This playbook uses the following sub-playbooks, integrations, and scripts.


  • Get Code42 Employee Information


  • Code42


  • AssignAnalystToIncident


  • closeInvestigation
  • code42-alert-resolve
  • setIncident

Playbook Inputs#

There are no inputs for this playbook.

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

Code42 Security Alert