Supported Cortex XSOAR versions: 6.0.0 and later.
Take a remediation action over an asset:
Use this playbook as a sub-playbook to take a remediation action on an asset. Available remediation actions are 1) Remove public sharing, 2) Quarantine, and 3) Restore.
This playbook implements polling by continuously running the
command to get the remediation status for a given asset ID, until the operation completes.
The remote action should have the following structure:
- Initiate the operation - provide the Asset ID and the remediation action.
- Poll to check if the operation completed.
- Get the results of the operation.
This playbook uses the following sub-playbooks, integrations, and scripts.
- SaaS Security
This playbook does not use any scripts.
|The ID of the asset to remediate
|The remediation action to take.
Possible values: Remove public sharing, Quarantine, Restore.
|Used when remediation type is “remove_public_sharing”, when set to true, all the parent folder sharing url will be removed.
There are no outputs for this playbook.