Playbook for Manual Phishing
The Manual Phishing Playbook provides step-by-step guidance for your analysts on how they can manually resolve specific types of security threats in your phishing activities.
Overview of Playbook for Manual Phishing
The Manual Phishing Playbook template is designed to perform the phishing response tasks manually and includes a sequence of actions that includes trigger conditions. You can use the PAD templates to perform the steps in the phishing response playbook and resolve these incidents efficiently.
This playbook can be used if a security incident is created or updated. You need to activate the Manual Phishing Playbook on the Process Automation Designer (PAD) and then perform all the tasks, such as analysis, contain, eradicate, and review.
The following are the stages of the process definition and correspond to the security incident state:
- Analysis
- Contain
- Eradicate
- Review
Each stage has activities within it.
Once you mark a task complete in a stage, you can move to the next task. You can save a task at any point in time and return to the playbook at a later date and time. After you complete all the tasks in a stage, you can move to the next stage. The status is reflected in the left-hand panel as you keep completing tasks and stages. An Activity Log on the right-hand side of the playbook shows all the data that you have entered for each task.
After you complete all the tasks, you’re asked to review the details you entered in all the stages. You can choose to edit any field or click Finish to complete the process of creating the entitlement.