forked from demisto/content
Fix for 'MDE Malware - Incident Enrichment' playbook (demisto#29842)
* Fix for 'MDE Malware - Incident Enrichment' playbook
* updated PNG playbook file
* RN
* RN
* removed the new conditional task and changed the DT expression within the 'key' value of tasks 46 and 47.
* DT was removed from the playbook
* re-added changes after merging from master
* DT was removed from the problematic playbook tasks & added new conditional task to check the incident fields value before setting the new keys
* removed the validation for 'MicrosoftATP.Alert.Evidence' context key from the test playbook file. removed the 'SetIfEmpty' transformer from tasks number 46 & 47 within the MDE playbook file.
* changed the name, description and condition for task number 56. added the 'manageremailaddress' incident field to the 'setIncident' automation used within task number 52.
Showing 6 changed files with 503 additions and 558 deletions.
6 changes: 6 additions & 0 deletions
Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_11.md
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
|
||
#### Playbooks | ||
|
||
##### MDE Malware - Incident Enrichment | ||
|
||
- Added a task to ensure that Evidence information should be displayed in the *"Alerts and Related info"*. |
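Review bot: The single release note entry under "MDE Malware - Incident Enrichment" is ambiguous as written: "ensure that Evidence information should be displayed" doubles up "ensure" and "should", and *"Alerts and Related info"* is missing the noun that says what it is (a tab or section of the layout). The commit message describes more than this line conveys, namely a new conditional task that checks the incident fields value before setting the new keys, the removal of the 'SetIfEmpty' transformer from tasks 46 and 47, and the addition of 'manageremailaddress' to the 'setIncident' task. Consider rewording to something like "Added a conditional task that checks the incident fields before setting them, so that Evidence information is displayed in *Alerts and Related info*", and name the layout element explicitly so users can tell which behaviour changed after upgrading.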