Default playbook template improvements 6.4.1
The list of default Playbook templates has been updated.
FAZ Localhost | Compromised Host Incident |
Critical Intrusion Incident | |
Attach Endpoint Vulnerability list to Incident | |
FortiOS | Quarantine Endpoint by FortiOS |
EMS
|
Update Asset and Identity Database |
Run AV Scan on Endpoint |
|
Run Vulnerability Scan on Endpoint |
|
Quarantine Endpoint by EMS |
|
Unquarantine Endpoint by EMS |
|
Enrich Incident with Process List |
|
Enrich Incident with Vulnerability List |
|
Enrich Incident with Software Inventory |
Example of the updated Compromised Host Incident template:
Example of the updated Enrich Incident with Vulnerability List template: