Supported Cortex XSOAR versions: 6.5.0 and later.
Given an alert and the remediation path rules defined for that alert's attack surface rule, this script evaluates each rule's criteria against the alert to determine whether the rule matches. If multiple rules match, it returns the most recently created rule. The script assumes that the rules passed in have already been filtered to those that correlate with the alert's attack surface rule.
| Description |
| --- |
| Alert's Remote IP. |
| Is this in a development environment? |
| Is this cloud managed? |
| Has a service owner been identified? |
| Includes Cloud and Xpanse tags |
| Externally Detected Providers |
| List of remediation path rules for the alert's attack surface rule. |
There are no outputs for this script.
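
A sketch of the selection logic described above, as an added example rather than the script's own code. The rule and alert schema (field names, dictionary criteria combined with AND, `created_at` epoch timestamps) and the sample data are assumptions constructed for illustration.

```python
from typing import Any, Optional

# Hypothetical schema (not the product's format): criteria is a dict of
# alert field -> required value, all criteria must hold, created_at is epoch.

def criterion_matches(alert: dict, field: str, expected: Any) -> bool:
    if field not in alert:
        return False  # a missing attribute never satisfies a criterion
    actual = alert[field]
    if isinstance(actual, (list, tuple, set)):
        return expected in actual  # list-valued fields: tags, providers
    return actual == expected

def rule_matches(alert: dict, rule: dict) -> bool:
    criteria = rule.get("criteria") or {}
    # Assumption: a rule with no criteria is not treated as a catch-all.
    return bool(criteria) and all(
        criterion_matches(alert, f, v) for f, v in criteria.items())

def select_rule(alert: dict, rules: list) -> Optional[dict]:
    """Return the most recently created matching rule, or None."""
    matches = [r for r in rules if rule_matches(alert, r)]
    return max(matches, key=lambda r: r["created_at"]) if matches else None

# Constructed sample data (203.0.113.0/24 is a documentation range).
SAMPLE_ALERT = {
    "remote_ip": "203.0.113.10",
    "development_environment": False,
    "cloud_managed": True,
    "service_owner_identified": True,
    "tags": ["example-tag"],
    "externally_detected_providers": ["ExampleCloud"],
}
SAMPLE_RULES = [
    {"id": "rule-old", "created_at": 1700000000,
     "criteria": {"development_environment": False,
                  "service_owner_identified": True}},
    {"id": "rule-new", "created_at": 1710000000,
     "criteria": {"cloud_managed": True,
                  "externally_detected_providers": "ExampleCloud"}},
    {"id": "rule-dev", "created_at": 1720000000,  # newest, but dev-only
     "criteria": {"development_environment": True}},
]

if __name__ == "__main__":
    print(select_rule(SAMPLE_ALERT, SAMPLE_RULES)["id"])
```

Two rules match the sample alert, and the newer of the two is selected; the newest rule overall is skipped because its criteria do not match.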