Skip to main content

File Private Scanning - Google Threat Intelligence

This Playbook is part of the GoogleThreatIntelligence Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.10.0 and later.

This playbook submits a file for private scanning, retrieves and evaluates the analysis verdict, and automatically creates a ServiceNow ticket using the "ServiceNow v2" integration when the file is determined to be malicious.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • Create ServiceNow Ticket

Integrations#

This playbook does not use any integrations.

Scripts#

  • DeleteContext
  • Print

Commands#

  • gti-private-file-scan-and-analysis-get
  • servicenow-update-ticket

Playbook Inputs#

NameDescriptionDefault ValueRequired
file_idFetch the Entry ID of the last submitted file from the incident.${.=(val.File instanceof Array ? val.File[val.File.length-1].EntryID : val.File.EntryID)}Optional

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

File Private Scanning - Google Threat Intelligence

Edit this page
Report an Issue