Try in Splunk SOAR


Published in response to CVE-2021-44228, this playbook utilizes data already in your Splunk environment to help investigate and remediate impacts caused by this vulnerability in your environment.

  • Type: Investigation
  • Product: Splunk SOAR
  • Apps: Splunk
  • Last Updated: 2021-12-14
  • Author: Lou Stella, Splunk
  • ID: fc0adc66-ff2b-48b0-9a6f-63da6783fd63
  • Use-cases:

Associated Detections

How To Implement

This playbook presumes you have Enterprise Security and have configured Assets & Identities, as well as the Endpoint.Processes datamodel

Explore Playbook


Required field

  • hostName
  • destinationAddress


source | version: 1