Skip to main content

Digital Shadows - IoC Assessment & Enrichment

This Playbook is part of the Digital Shadows SearchLight Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Enrich indicators by providing intelligence and more associated indicators based on confirmed reporting in Digital Shadows SearchLight.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • Digital Shadows - IP_IoC Assessment & Enrichment
  • Digital Shadows - SHA1_IoC Assessment & Enrichment
  • Digital Shadows - CVE_IoC Assessment & Enrichment
  • Digital Shadows - MD5_IoC Assessment & Enrichment
  • Digital Shadows - Domain_IoC Assessment & Enrichment
  • Digital Shadows - SHA256_IoC Assessment & Enrichment
  • Digital Shadows - URL_IoC Assessment & Enrichment

Integrations#

This playbook does not use any integrations.

Scripts#

This playbook does not use any scripts.

Commands#

This playbook does not use any commands.

Playbook Inputs#


NameDescriptionDefault ValueRequired
IoC_IPAn IP address to assess and enrichIP.AddressOptional
IoC_CVEA CVE ID to assess and enrichCVE.IDOptional
IoC_DomainA domain name to assess and enrichDomain.Name.NoneOptional
IoC_URLA URL to assess and enrichURL.Data.NoneOptional
IoC_MD5A MD5 hash to assess and enrichFile.MD5Optional
IoC_SHA256A SHA256 hash to assess and enrichFile.SHA256Optional
IoC_SHA1A SHA1 hash to assess and enrichFile.SHA1Optional

Playbook Outputs#


PathDescriptionType
DBotScore.IndicatorIndicator Valuestring
DBotScore.TypeIndicator Typestring