Cortex ASM - Enrichment
#
This Playbook is part of the Cortex Attack Surface Management Pack.Supported versions
Supported Cortex XSOAR versions: 6.8.0 and later.
Used as a container folder for all enrichments of ASM alerts.
#
DependenciesThis playbook uses the following sub-playbooks, integrations, and scripts.
#
Sub-playbooks- Cortex ASM - AWS Enrichment
- Cortex ASM - Azure Enrichment
- Cortex ASM - GCP Enrichment
- Cortex ASM - Prisma Cloud Enrichment
- Cortex ASM - Qualys Enrichment
- Cortex ASM - Rapid7 Enrichment
- Cortex ASM - Service Ownership
- Cortex ASM - ServiceNow CMDB Enrichment
- Cortex ASM - Splunk Enrichment
- Cortex ASM - Tenable.io Enrichment
#
Integrations- Cortex Attack Surface Management
#
Scripts- InferWhetherServiceIsDev
#
Commands- setAlert
- asm-get-external-service
#
Playbook InputsName | Description | Default Value | Required |
---|---|---|---|
RemoteIP | IP address of service | alert.remoteip | Optional |
#
Playbook OutputsPath | Description | Type |
---|---|---|
ASM.ExternalService.externally_detected_providers | Providers of the external service. | unknown |