DropBox - Massive scale operations on files
#
This Playbook is part of the Dropbox Pack.Supported versions
Supported Cortex XSOAR versions: 6.6.0 and later.
This playbook investigates “Massive File Alterations” and “DropBox - Massive File Downloads” alerts by gathering user and IP information and performing remediation based on the information gathered and received from the user.
If you wish to link this playbook to the relevant alerts automatically, we recommend using the following filters when configuring the playbook triggers:
- Alert Source = Correlation
- Alert Name = DropBox - Massive File Alterations, DropBox - Massive File Downloads
#
DependenciesThis playbook uses the following sub-playbooks, integrations, and scripts.
#
Sub-playbooks- Block IP - Generic v3
- Enrichment for Verdict
- Block Account - Generic v2
- Block Indicators - Generic v3
#
IntegrationsThis playbook does not use any integrations.
#
ScriptsThis playbook does not use any scripts.
#
Commands- closeInvestigation
- setAlert
#
Playbook InputsName | Description | Default Value | Required |
---|---|---|---|
InternalRange | List of Internal IP ranges. | Optional |
#
Playbook OutputsThere are no outputs for this playbook.