Cortex ASM - Detect Service
#This Playbook is part of the Cortex Attack Surface Management Pack.
Supported Cortex XSOAR versions: 6.5.0 and later.
Playbook that looks at what ASM sub-type the alert is and directs it to different pre/post mitigation scans (such as NMAP, SNMP).
This playbook uses the following sub-playbooks, integrations, and scripts.
- AWS - Unclaimed S3 Bucket Validation
- NMAP - Single Port Scan
- Cortex ASM - SNMP Check
- NMAP - Banner Check
This playbook does not use any integrations.
This playbook does not use any commands.
|RemoteIP||Remote IP address in the alert.||alert.remoteip||Optional|
|RemotePort||Remote port number in the alert.||alert.remoteport||Optional|
|ASMRuleID||Attack Surface Management Rule ID.||alert.asmattacksurfaceruleid||Required|
|ScanNumber||Scan number in case there are multiple IDs in the parent playbook.||Required|
There are no outputs for this playbook.