Find your people. Pick a challenge. Ship something real. The CreatorCon Hackathon is coming to the Community Pavilion for one epic night. Every skill level, every role welcome. Join us on May 5th and learn more here.

Linking runbooks with security incidents

DevanshiT
Tera Contributor

‎03-07-2024 07:31 AM

Hi,

 

I am trying to link a runbook with incidents and incident response tasks by adding a filter condition.

(Incident description contains phishing) (Screenshot attached)

But this does not reflect when a new phishing incident is created or in any existing incident.

Any suggestions will be helpful.

 

Thanks!

 

 

 

Preview file
57 KB
0 Helpfuls
  • 807 Views
1 REPLY 1

fkaracaer
Tera Contributor

‎03-14-2024 02:20 AM

Hi Devanshi,

Maybe you can change the filter condition to a different data point.

For example, Category is Social Engineering, or if you have use User Reported Phish a specific statement at the beginning of the Short Description of the SIR like, Short Description startswith "User Reported Phish".

 

0 Helpfuls