Playbook: Hunting
Description
The Hunting playbook queries several internal security technologies to determine whether any of the artifacts present in your data source have been observed in your environment.
Apps
Splunk, Reversing Labs, Carbon Black Response, Threat Grid, Falcon Host API
How To Implement
Be sure to update asset naming to reflect the asset names configured in your environment.
Required fields
- fileHash
- vault_id
Reference
source | version: 1