Risk Notable Review Indicators
Description
This playbook was designed to be called by a user to process indicators that are marked as suspicious within the SOAR platform. Analysts will review indicators in a prompt and mark them as blocked or safe.
- Type: Response
- Product: Splunk SOAR
- Apps:
- Last Updated: 2021-10-22
- Author: Kelby Shelton, Splunk
- ID: 080edc96-ff2b-48b0-9f6f-73da3783fd63
- Use-cases:
Associated Detections
How To Implement
For detailed implementation see https://docs.splunk.com/Documentation/ESSOC/latest/user/Useplaybookpack
Explore Playbook
Required field
Reference
source | version: 1