The cybersecurity challenge and the opportunity to develop a playbook to solve the problem and be part of the success.
What it does
Helps incident response teams automate the repetitive tasks of indicator extraction, enrichment, conditional checks, and automated response actions based on the results.
How I built it
I used the XSOAR hackathon instance and the API integrations.
Challenges I ran into
Access to the RiskIQ PassiveTotal API
Accomplishments that I'm proud of
Successful run of the Playbook :)
What I learned
How to use XSOAR to automate repetitive tasks
What's next for Incident Response Pack
A lot of enhancements that I wasn't able to accomplish during the hackathon duration. I will follow up.