Shadow IT v1.0.7
This Content Pack provides a new incident type for Shadow IT incidents, and a playbook to handle such scenarios.
- Author:
- Cortex XSOAR
- Support:
- xsoar
agentixxsiam
IT Services
Incident fields (21)
- Shadow IT Account Owner Email
- Shadow IT Account Owner Name
- Shadow IT Billed To Corp
- Shadow IT Certificate
- Shadow IT Cloud Account ID
- Shadow IT Cloud Account Type
- Shadow IT FQDN
- Shadow IT IP
- Shadow IT OU Contact Email
- Shadow IT OU Contact Name
- Shadow IT Organizational Unit
- Shadow IT Port
- Shadow IT Provider
- Shadow IT Region
- Shadow IT Risk
- Shadow IT Sactioned Service
- Shadow IT Sensitive Data
- Shadow IT Service
- Shadow IT Service Purpose
- Shadow IT Source
- Shadow IT User Suggestions
Incident types (1)
Layouts (1)
Playbooks (1)
README
The Shadow IT pack provides additional capabilities for handling Shadow IT incidents in Cortex XSOAR. A Shadow IT incident occurs when a resource attributed to the organization that is not sanctioned by IT nor protected by the InfoSec team is found.
This pack includes a new Shadow IT incident type and a playbook.
What does this pack do?
- Provides an additional Shadow IT incident type.
- Provides a Shadow IT indicator layout.
- Provides a playbook to handle Shadow IT incidents (Handle Shadow IT Incident).
