Handles ticket tracking as well as triggeres specific playbooks based on the name of the ExtraHop Detection. Default playbook to run for all ExtraHop Detection incidents.
This playbook uses the following sub-playbooks, integrations, and scripts.
- ExtraHop - Ticket Tracking
- ExtraHop - CVE-2019-0708 (BlueKeep)
This playbook does not use any integrations.
This playbook does not use any commands.
There are no inputs for this playbook.
|CVE||The details on the CVE.||unknown|
|ExtraHop.Device||The details on the host and any peer devices found.||unknown|
|ExtraHop.ActivityMap||The link to a visual activity map in ExtraHop.||string|
|ExtraHop.Record.Source||The associated transaction records from ExtraHop.||unknown|