Menu
Cortex XSOAR for Developers (Formerly Demisto)Cortex XSOAR for Developers (Formerly Demisto)Developer DocsArticlesReference
Products
  • PAN-OS
  • Cortex Data Lake
  • Cortex XSOAR
Partners
  • Why Cortex XSOAR?
  • Become a Partner
  • Marketplace
  • Adopt-a-Pack
  • Pack Certification
  • Office Hours
  • Development Partners
  • Sign Up Now
Blog
🌜
🌞
Cortex XSOAR for Developers (Formerly Demisto)Cortex XSOAR for Developers (Formerly Demisto)
  • Products
    • PAN-OS
    • Cortex Data Lake
    • Cortex XSOAR
  • Developer Docs
  • Articles
  • Reference
  • Partners
    • Why Cortex XSOAR?
    • Become a Partner
    • Marketplace
    • Adopt-a-Pack
    • Pack Certification
    • Office Hours
    • Development Partners
    • Sign Up Now
  • Blog
  • Welcome
  • Getting Started
    • Getting Started Guide
    • Cortex XSOAR Concepts
    • Design
      • Design Your Contribution
      • Use Cases
      • Design Best Practices
    • Developing
      • Cortex XSOAR IDE
      • PyCharm IDE Plugin
      • Development Setup
    • Frequently Asked Questions
  • Contributing
    • Contributing
    • Contribution Requirements
    • Contribution Checklist
    • Pull Request Conventions
    • Contributing via Cortex XSOAR
  • Content Packs
    • Content Packs Structure
    • Pack Documentation
    • Release Notes
    • Premium Packs setup
  • Integrations & Scripts
    • Components
      • Directory Structure
      • Metadata YAML File
      • Parameter Types
      • Integration Description File
      • Integration Logo Standards
      • README File
    • Developing
      • Python Code Conventions
      • Fetching Incidents
      • Context and Outputs
      • Context Standards
        • About Context Standards
        • Mandatory Context Standards
        • Recommended Context Standards
      • Generic Commands
        • Generic Commands
        • Generic Reputation Commands
      • Reputation and DBotScore
      • Using Docker
    • Testing
      • Linting
      • Unit Testing
      • Test Playbooks
      • Debugging
    • Advanced Topics
      • Feed Integrations
      • PowerShell
      • Fetching Credentials
      • Long Running Containers
      • Cortex XSOAR Transform Language (DT)
      • Integration Cache
      • Mirroring Integration
      • OpenAPI (Swagger) Code-Gen
  • Playbooks
    • Playbooks
    • Playbook Contribution Guide
    • Create Playbooks
    • Playbook Settings
    • Playbook Conventions
    • Inputs and Outputs
    • Extend Context
    • Create a Playbook Task
    • Create a Conditional Task
    • Communication Tasks
    • Create a Communication Task
    • Customize a Communication Task Message
    • Generic Polling
    • Playbook Task Field Reference
    • Generic Playbooks
    • Playbook Documentation
  • Incidents, Fields & Layouts
    • Cortex XSOAR Incident Lifecycle
    • Working with Incident Types
    • Customize Incident Layouts
    • Working with Incident Fields
    • Jobs
    • Auto Extract
    • Classification and Mapping
    • Pre-processing Rules
  • Documentation
    • Documentation Best Practices
    • Pack Documentation
    • Pack Release Notes
    • README File
    • Integration Description File
  • Tutorials
    • Set Up Your Dev Environment
    • Contribution Design
    • Create an Integration
  • Privacy Statement

Generic Playbooks

Generic playbooks mapped by use case#

Generic PlaybookUse Cases
Get Original Email - GenericEmail Gateway
Account Enrichment GenericIAM
Block AccountIAM
Block File GenericEndpoint
Block IP GenericNetwork Security (Firewall)
Block URL GenericNetwork Security (Firewall)
Detonate File GenericSandbox
Detonate URL GenericSandbox
Domain Enrichment GenericData Enrichment & Threat Intelligence
Email Address Enrichment GenericEmail Gateway
Endpoint Enrichment GenericEndpoint
File Enrichment GenericData Enrichment & Threat Intelligence
Get File Sample By Hash - GenericEndpoint
Get File Sample From Path - GenericEndpoint
IP Enrichment GenericData Enrichment & Threat Intelligence
Isolate Endpoint GenericEndpoint
Retrieve File From Endpoint GenericEndpoint
Search And Delete Emails GenericEmail Gateway
Search Endpoint By Hash GenericEndpoint
URL Enrichment GenericData Enrichment & Threat Intelligence
Edit this page
Last updated on 11/10/2020
Report an Issue
Previous
« Playbook Task Field Reference
Next
Playbook Documentation »
  • Generic playbooks mapped by use case

Docs

  • Developer Docs
  • Become a Technology Partner

Social

  • Blog
Palo Alto Networks for Developers
Copyright © 2021 Palo Alto Networks, Inc.