Skip to main content

Unisolate Endpoint - Generic

This Playbook is part of the Common Playbooks Pack.#

Supported versions

Supported Cortex XSOAR versions: 5.5.0 and later.

This playbook unisolates endpoints according to the endpoint ID or hostname that is provided by the playbook input. It currently supports the following integrations:

  • Carbon Black Response
  • Cortex XDR
  • Crowdstrike Falcon
  • FireEye HX
  • Cybereason


This playbook uses the following sub-playbooks, integrations, and scripts.


  • Carbon Black Response - Unisolate Endpoint
  • Unisolate Endpoint - Cybereason
  • Crowdstrike Falcon - Unisolate Endpoint
  • FireEye HX - Unisolate Endpoint
  • Cortex XDR - Unisolate Endpoint


This playbook does not use any integrations.


This playbook does not use any scripts.


This playbook does not use any commands.

Playbook Inputs#

NameDescriptionDefault ValueRequired
Endpoint_IDThe endpoint id/device id/sensor id/agent id that you want to unisolate.Optional
HostnameThe hostname of the endpoint to unisolate (using Cybereason or FireEyeHX).Optional

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

Unisolate Endpoint - Generic