CrowdStrike Falcon Malware - Verify Containment Actions
This playbook is part of the 'Malware Investigation And Response' pack. For more information, refer to https://xsoar.pan.dev/docs/reference/packs/malware-investigation-and-response. This playbook verifies and sets the policy actions applied by CrowdStrike Falcon.
CrowdStrike Falcon · 20 tasks · 1 input · 3 outputs
Inputs
PolicyBehaviourDetails— The path that contains the detection results.
Outputs
Policy.State— Is the policy active?Host.State— Is the host isolated?Process.State— Was the process contained?