Code42 Exfiltration Playbook
The Code42 Exfiltration playbook acts on Code42 Security Alerts, retrieves file event data, and allows security teams to remediate file exfiltration events by revoking access rights to cloud files or containing endpoints.
Code42 · 25 tasks · 5 inputs · 0 outputs
Inputs
JiraProject— Jira Project for created incident ticketJiraType— Type of Jira ticket to createJiraSummary— Summary to use with Jira ticket creationContainHostsMax— Maximum number of network hosts to contain.DemistoInstanceURL— URL of Demisto instance for emails.
Commands used
closeInvestigation
code42-alert-update
cs-falcon-contain-host
cs-falcon-search-device
jira-create-issue
send-mail