Email Address Enrichment - Generic v2

Deprecated

DEPRECATED. Use "Email Address Enrichment - Generic v2.1" playbook instead. Enriches email addresses.

Email address enrichment involves:

  • Getting information from Active Directory for internal addresses.
  • Getting the domain-squatting reputation for external addresses.

Dependencies

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks

This playbook does not use any sub-playbooks.

Integrations

This playbook does not use any integrations.

Scripts

  • Exists
  • IsEmailAddressInternal
  • ADGetUser
  • EmailDomainSquattingReputation

Commands

This playbook does not use any commands.

Playbook Inputs


NameDescriptionDefault ValueSourceRequired
InternalDomainsThe CSV list of internal domains. The list will be used to determine whether an email address is internal or external.Noneinputs.InternalDomainsOptional
EmailThe email addresses to enrich.Email.AddressAccountOptional
DomainThe domains associated with the incident.inputs.Domain-Optional

Playbook Outputs


PathDescriptionType
AccountThe account object.unknown
Account.Email.AddressThe email account full address.string
Account.GroupsThe groups the account belongs to.string
Account.Email.DomainThe email account domain.string
Account.Email.NetworkTypeThe email account networktype. Can be, "Internal" or "External".string
Account.TypeThe account entity type.string
Account.Email.UsernameThe email account username.string
Account.IDThe unique account DN (Distinguished Name).string
Account.DisplayNameThe account display name.string
Account.ManagerThe account's manager.string
Account.Email.Distance.DomainThe compared domain.string
Account.Email.Distance.ValueThe distance between the email domain and the compared domain.number
DBotScore.IndicatorThe indicator.string
DBotScoreThe DBotScore object.unknown
DBotScore.TypeThe indicator type.string
DBotScore.VendorThe DBot score vendor.string
DBotScore.ScoreThe DBot score.number

Playbook Image


Email_Address_Enrichment_Generic_v2