Splunk SOAR (f.k.a. Phantom)
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

I was wondering if any of you had a cheat sheet to make playbooks to help automate my job for beginners.

robgray8430
New Member
‎03-17-2020 09:48 AM

So pretty much,

-Grabs the list of all vulnerabilities from big fix and/or tenable
-get subnets of the modes we will need to pull vulnerabilities from BigFix
-Have the returned list filter out ones for specific modes or either have the program use another program that does that task

-After all the list are sent to their respected Actions well have the program run the DNS, whois, and BigFix FISMA ID query tools

After all these tasks are completed we would like for Phantom to create a report of the findings and send them to our distro list.

"it would be broken down into individual reports that we can use to add to a remedy ticket"

Labels (2)
Labels
Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Join Principal Threat Researcher, Michael Haag, as he walks through:An introduction to the Splunk Threat ...

Splunk Life | Happy Pride Month!

Happy Pride Month, Splunk Community! 🌈 In the United States, as well as many countries around the ...

SplunkTrust | Where Are They Now - Michael Uschmann

The Background Five years ago, Splunk published several videos showcasing members of the SplunkTrust to share ...