Supported Cortex XSOAR versions: 6.6.0 and later.
This playbook investigates “Malware detected by Microsoft Defender for Endpoint” alerts by gathering file hash and user information and performing remediation based on the information gathered and on the verdict returned by the enrichment sub-playbook.
To link this playbook to the relevant alerts automatically, we recommend using the following filters when configuring the playbook triggers: Alert Source = Correlation AND Alert Name = Malware detected by Microsoft Defender for Endpoint
This playbook uses the following sub-playbooks, integrations, and scripts.
- Sub-playbooks: Enrichment for Verdict
- Integrations: this playbook does not use any integrations.
- Scripts: this playbook does not use any scripts.
There are no inputs for this playbook.
There are no outputs for this playbook.