Skip to main content

Cortex ASM - ASM Alert

This Playbook is part of the Cortex Attack Surface Management Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.5.0 and later.

Primary Playbook to Handle ASM sourced Alerts.#

This playbook aims to provide enrichment of ASM alerts by searching for mentions of associated IP addresses within Third-Party asset inventory tools (ServiceNow CMDB) and for vulnerability details from Vulnerability Assessment tools (Tenable.io.)

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • Cortex ASM - Extract IP Indicator
  • Cortex ASM - CMDB Enrichment
  • Cortex ASM - Vulnerability Management Enrichment

Integrations#

There are no integrations for this playbook.

Scripts#

There are no scripts for this playbook.

Commands#

There are no commands for this playbook.

Playbook Inputs#


There are not inputs for this playbook.

Playbook Outputs#


There are no outputs for this playbook.

Playbook Image#


Cortex ASM - ASM Alert