Supported Cortex XSOAR versions: 6.0.0 and later.
This playbook provides a basic response to phishing incidents, including:
- Calculating reputation for all indicators
- Extracting indicators from email attachments
- Calculating severity for the incident based on indicator reputation
- Updating the reporting user about investigation status
- Enabling manual incident remediation
This updated playbook uses: 1) Incident fields instead of labels 2) The "Process Email - Core v2" playbook
This playbook uses the following sub-playbooks, integrations, and scripts.
- Extract Indicators From File - Generic v2
- Process Email - Core v2
This playbook does not use any integrations.
This playbook does not use any scripts.
|GetURLScreenshots||Whether the user wants the Rasterize integration to produce images of URLs involved in the incident. If "True", screenshots are taken.||True||Optional|
There are no outputs for this playbook.