Skip to main content

Intezer - scan host

This Playbook is part of the Intezer Pack.#

Uses Cortex XSOAR D2 agent to scan a host using Intezer scanner.

Input:

  • Hostname (default: ${Endpoint.Hostname})
  • OS (default: windows)
  • Credentials (default: Admin)

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • GenericPolling

Integrations#

  • Intezer v2

Scripts#

  • IntezerScanHost
  • AreValuesEqual
  • IncidentAddSystem
  • Exists

Commands#

  • intezer-get-analysis-result

Playbook Inputs#


NameDescriptionDefault ValueRequired
HostDeploys Demist D2 agent on the target Host.10.254.7.24Required
OSThe default OS type of target host.windowsOptional
INTEZER_API_KEYThe Intezer api-key-Required
CredentialsThe name of the credential set. Credentials are located in Cortex XSOAR: Settings > Integrations > Credentials.AdminOptional

Playbook Outputs#


There are no outputs for this playbook.

Playbook Image#


Intezer_scan_host