-
54000058197
Alert Playbook - Cloud Identity
Login Context
Identify the normal user behavior and login details:
Sentinel Query: CTS - Uni
-
54000058208
Alert Playbook - Device - Malware
Consider the criticality of the device for escalation. Workstation/Server
We want to identify th
-
54000058212
Alert Playbook - Device - File/Process/Script/Tool
Do not assume an account is not compromised. We do not know who is behind a legitimate account.
-
54000058416
Playbook - VirusTotal File
Press the “Reanalyse” button if the Last Analysis Date is not recent.
Number of detections