Skip to main content

Darkmon - Ransomware Victim Response

This Playbook is part of the Darkmon Pack.#

Supported versions

Available on Cortex XSOAR (versions 6.8.0 and later).

Triggered when our company surfaces in a Darkmon ransomware mention. Verifies the match, opens a war-room channel via Generic Notify, pages the CISO, and prints next-step guidance for the customer's IR runbook.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • Open war-room channel
  • Page CISO

Integrations#

This playbook does not use any integrations.

Scripts#

  • DarkmonFilterUnseen
  • PrintErrorEntry

Commands#

This playbook does not use any commands.

Playbook Inputs#

There are no inputs for this playbook.

Playbook Outputs#

There are no outputs for this playbook.

Edit this page
Report an Issue