Try in Splunk SOAR

Description

Published in response to CVE-2021-44228, this playbook utilizes data already in your Splunk environment to help investigate and remediate impacts caused by this vulnerability in your environment.

  • Type: Investigation
  • Product: Splunk SOAR
  • Apps: Splunk
  • Last Updated: 2021-12-14
  • Author: Lou Stella, Splunk
  • ID: fc0adc66-ff2b-48b0-9a6f-63da6783fd63

Associated Detections

How To Implement

This playbook presumes you have Enterprise Security and have configured Assets & Identities, as well as the Endpoint.Processes datamodel

Playbooks

Required field

Reference

source | version: 1