Xpanse - Alert Self-Enrichment
Cortex Xpanse Pack.#
This Playbook is part of theSupported versions
Supported Cortex XSOAR versions: 6.8.0 and later.
This playbook handles ASM alerts by enriching alert information with Xpanse service and asset details.
#
DependenciesThis playbook uses the following sub-playbooks, integrations, and scripts.
#
IntegrationsCortex Xpanse
#
ScriptsGridFieldSetup
#
Commands- asm-list-external-service
- asm-list-asset-internet-exposure
- asm-get-external-service
#
Playbook Inputs| Name | Description | Default Value | Required | |---------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | --- | | Provider | The externally detected provider for the alert. | ${incident.xpanseprovider} | Required | | IP | The external IP address associated with the alert. | ${incident.xpanseip} | Required |
#
Playbook OutputsThere are no outputs for this playbook.