Try in Splunk SOAR

Description

The hunting Playbook queries a number of internal security technologies in order to determine if any of the artifacts present in your data source have been observed in your environment.

Associated Detections

How To Implement

Be sure to update asset naming to reflect the asset names configured in your environment.

Playbooks

Required field

  • fileHash
  • vault_id

Reference

source | version: 1