Skip to main content

Proactive Threat Hunting - Entity Enrichment

This Playbook is part of the Proactive Threat Hunting Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.9.0 and later.

This playbook will be executed from the "Proactive Threat Hunting" layout button with the objective of enriching information on hosts and users specified by the analyst.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • Account Enrichment - Generic v2.1

Integrations#

This playbook does not use any integrations.

Scripts#

  • Print
  • Set
  • DeleteContext
  • JsonToTable

Commands#

  • endpoint
  • xdr-get-alerts
  • setIncident

Playbook Inputs#

There are no inputs for this playbook.

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

Proactive Threat Hunting - Entity Enrichment

Edit this page
Report an Issue