Skip to main content

DropBox - Massive scale operations on files

This Playbook is part of the Dropbox Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.6.0 and later.

This playbook investigates “Massive File Alterations” and “DropBox - Massive File Downloads” alerts by gathering user and IP information and performing remediation based on the information gathered and received from the user.

If you wish to link this playbook to the relevant alerts automatically, we recommend using the following filters when configuring the playbook triggers:

  • Alert Source = Correlation
  • Alert Name = DropBox - Massive File Alterations, DropBox - Massive File Downloads


This playbook uses the following sub-playbooks, integrations, and scripts.


  • Block IP - Generic v3
  • Enrichment for Verdict
  • Block Account - Generic v2
  • Block Indicators - Generic v3


This playbook does not use any integrations.


This playbook does not use any scripts.


  • closeInvestigation
  • setAlert

Playbook Inputs#

NameDescriptionDefault ValueRequired
InternalRangeList of Internal IP ranges.Optional

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

DropBox - Massive scale operations on files