Pentera Filter And Create Incident

Sub-playbook to select specific entries from the Pentera action report and create incidents for each of the selected entries

Dependencies

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks

This playbook does not use any sub-playbooks.

Integrations

  • Builtin

Scripts

  • SetAndHandleEmpty
  • PenteraOperationToIncident

Commands

  • createNewIncident

Playbook Inputs


NameDescriptionDefault ValueRequired
Filter password crackingFilter all password cracking operation typesTrueRequired
Filter BlueKeep vulnerabilityFilter all BlueKeep operation typesTrueRequired
Filter Minimum SeverityFilters actions according to given value.
Will not filter anything if got zero (0) as value.0Required
FullActionReportPentera Full Action Report is the summary of the given TaskName in a CSV format, that contains all the actions that Pentera performed during the task run.
The value will be provided from Pentera Run Scan and Create Incidents playbook.Required
Filter MS17-010 vulnerabilityFilter all MS17-010 operation typesTrueRequired
Filter network device default password usageFilter all network device default password operation typesTrueRequired
Filter open sharesFilter all open shares operation typesTrueRequired

Playbook Outputs


There are no outputs for this playbook.