Skip to main content

Cortex ASM - Detect Service

This Playbook is part of the Cortex Attack Surface Management Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.5.0 and later.

Playbook that looks at what ASM sub-type the alert is and directs it to different pre/post mitigation scans (such as NMAP).

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • NMAP - Banner Check
  • NMAP - Single Port Scan

Integrations#

This playbook does not use any integrations.

Scripts#

  • GridFieldSetup

Commands#

This playbook does not use any commands.

Playbook Inputs#


NameDescriptionDefault ValueRequired
RemoteIPRemote IP address in the alert.alert.remoteipRequired
RemotePortRemote port number in the alert.alert.remoteportRequired
ASMRuleIDAttack Surface Management Rule ID.alert.asmattacksurfaceruleidRequired
ScanNumberScan number in case there are multiple IDs in the parent playbook.Required

Playbook Outputs#


There are no outputs for this playbook.

Playbook Image#


Cortex ASM - Detect Service