Playbook: Hunting

Description

The Hunting playbook queries a number of internal security technologies to determine whether any of the artifacts present in your data source have been observed in your environment.

Apps

Splunk, Reversing Labs, Carbon Black Response, Threat Grid, Falcon Host API

How To Implement

Be sure to update asset naming to reflect the asset names configured in your environment.

Required fields

  • fileHash
  • vault_id

Reference

source | version: 1