Skip to main content

SafeBreach - Rerun Insights

This Playbook is part of the SafeBreach - Breach and Attack Simulation platform (Deprecated) Pack.#

Deprecated

No available replacement.

Deprecated. No available replacement.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • SafeBreach - Rerun Single Insight
  • GenericPolling

Integrations#

This playbook does not use any integrations.

Scripts#

  • Sleep
  • Print

Commands#

This playbook does not use any commands.

Playbook Inputs#


NameDescriptionDefault ValueRequired
InsightIdsSafeBreach Insight Ids to rerunSafeBreach.Insight.IdRequired

Playbook Outputs#


PathDescriptionType
SafeBreach.Insight.NameInsight name representing the action required to be takenString
SafeBreach.Insight.IdInsight unique idNumber
SafeBreach.Insight.DataTypeInsight data type. Options: Hash, Domain, URI, Command, Port, ProtocolArray
SafeBreach.Insight.CategorySecurity control category nameString
SafeBreach.Insight.LatestSimulationTime of the latest simulation from the insightString
SafeBreach.Insight.SimulationsCountNumber of the related simulationsNumber
SafeBreach.Insight.RiskImpactRisk impact of the insight on the environment total risk scoreNumber
SafeBreach.Insight.AffectedTargetsCountNumber of the affected targetsNumber
SafeBreach.Insight.SeverityScoreInsight severity numeric valueNumber
SafeBreach.Insight.SeverityInsight severity mapped to low/medium/highString
SafeBreach.Insight.RemediationDataCountNumber of the remediation data pointsNumber
SafeBreach.Insight.RemediationDataTypeType of the remediation dataString
SafeBreach.Insight.ThreatGroupsArray of APT names that are mapped to the insightArray
SafeBreach.Insight.NetworkDirectionCommunication direction of Insight, relative to the target (inbound/outbound)String
SafeBreach.Insight.AttacksCountList of all insight related SafeBreach attack idsArray