Calculate Severity - Critical assets

Deprecated

Use Calculate Severity - Critical Assets v2 playbook instead

DEPRECATED. Use "Calculate Severity - Critical Assets v2" playbook instead. Determines if a critical assest is associated with the invesigation. The playbook returns a severity level of "Critical" if a critical asset is associated with the investigation.

This playbook verifies if a user account or an endpoint is part of a critical list or a critical AD group.

Dependencies

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks

This playbook does not use any sub-playbooks.

Integrations

This playbook does not use any integrations.

Scripts

  • Set

Commands

This playbook does not use any commands.

Playbook Inputs


NameDescriptionDefault ValueSourceRequired
CriticalUsersThe array of usernames of critical users (comma-separated).--Optional
CriticalEndpointsThe array of hostnames of critical endpoints (comma-separated).--Optional
CriticalGroupsThe array of DN names of critical AD groups (comma-separated).--Optional
AccountThe user account to check against the critical lists.NoneAccountOptional
EndpointThe endpoint to check against the critical lists.NoneEndpointOptional

Playbook Outputs


PathDescriptionType
SeverityThe output severitystring

Playbook Image


Calculate_Severity_Critical_assets