Provides a basic response to phishing incidents.
- Calculates reputation for all indicators.
- Extracts indicators from email attachments.
- Calculates severity for the incident based on indicator reputation.
- Updates reporting user about investigation status.
- Allows manual remediation of the incident.
This playbook uses the following sub-playbooks, integrations, and scripts.
- Process Email - Core
- Extract Indicators From File - Generic v2
This playbook does not use any scripts.
|GetURLScreenshots||Whether the user wants the Rasterize integration to produce images of URLs that are involved in the incident. If "True", screenshots will be taken.||True||Optional|
There are no outputs for this playbook.