Supported Cortex XSOAR versions: 6.0.0 and later.
An example of playbook using data from XM Cyber to help decide about scanning and isolating a threat
This playbook uses the following sub-playbooks, integrations, and scripts.
- Isolate Endpoint - Generic V2
- Endpoint Enrichment By Hostname - XM Cyber
- Endpoint Enrichment By IP - XM Cyber
- Scan Assets - Nexpose
This playbook does not use any integrations.
This playbook does not use any scripts.
This playbook does not use any commands.
There are no inputs for this playbook.
|The status of the isolation operation.
|The scan status. Valid values are aborted, unknown, running, finished, stopped, error, paused, dispatched, integrating
|The number of assets found in the scan
|The total number of vulnerabilities.
|Entity is a critical asset
|Level of the average complexity to compromise this entity
|Number of unique critical assets at risk from this entity