Playbook: Risk Notable Review Indicators

Description

This playbook was designed to be called by a user to process indicators that are marked as suspicious within the SOAR platform. Analysts will review indicators in a prompt and mark them as blocked or safe.

How To Implement

For detailed implementation see https://docs.splunk.com/Documentation/ESSOC/latest/user/Useplaybookpack

Explore Playbook

Click the playbook screenshot to explore in more detail!

explore

Reference

source | version: 1