Flashpoint Pack.#This Playbook is part of the
Compromised Credentials Match playbook uses the details of the compromised credentials ingested from the Flashpoint and authenticates using the Active Directory integration by providing the compromised credentials of the user, expires the credentials if it matches, and sends an email alert about the breach.
This playbook uses the following sub-playbooks, integrations, and scripts.
This playbook does not use any sub-playbooks.
- Active Directory Query v2
|username||The username of the compromised credentials account.||incident.flashpointsourceemail||Required|
|password||The password of the compromised credentials account.||incident.flashpointpassword||Required|
|sendEmailAsWarning||Boolean input whether to send email or not.||True||Optional|
There are no outputs for this playbook.