Rubrik Workload Analysis - Rubrik Security Cloud
This playbook fetches workload information for the provided IPs or domains/hostnames, and then increases the XSOAR incident severity based on the workload risk levels and threat information.
Rubrik Security Cloud · 13 tasks · 3 inputs · 0 outputs
Inputs
increase_severity_by— Specify the level in number by which to increase the XSOAR incident severity. Only applicable if match found for the malicious threat hunt or for the malicious threat monitoring of workload. Note: The value can range from 1 to 4. Example: If the current XSOAR incident severity is 1 (Low) and the playbook is set to increase the severity by 2, the XSOAR incident severity will be set to 3 (high).ip_addresses— The optional comma-separated list of IP address(es) for which to use workload information to increase the XSOAR incident severity.domains— The optional comma-separated list of domain(s)/hostname(s) for which to use workload information to increase the XSOAR incident severity.
Commands used
domain
findIndicators
ip