Use "Phishing Investigation - Generic v2" playbook instead
DEPRECATED. Use "Phishing Investigation - Generic v2" playbook instead. Investigates and remediates potential phishing incidents. The playbook simultaneously engages with the user that triggered the incident, while investigating the incident itself.
The final remediation tasks are always decided by a human analyst.
This playbook uses the following sub-playbooks, integrations, and scripts.
- Process Email - Generic
- Email Address Enrichment - Generic
- Search And Delete Emails - Generic
- Detonate File - Generic
- Extract Indicators From File - Generic
- Entity Enrichment - Generic
- Block Indicators - Generic
|Role||The default role to assign the incident to.||Administrator||Required|
|SearchAndDelete||Enable the ||False||Optional|
|BlockIndicators||Enable the ||False||Optional|
There are no outputs for this playbook.