SlashNext Phishing Incident Investigation Playbook



Enhance your security with threat hunting and incident investigation using this playbook. Scan with the world's largest real-time phishing intelligence database for accurate, definitive binary verdicts on suspicious URLs, and download phishing forensics including webpage screenshots, HTML and text. The playbook analyzes all URL entities attached to an existing incident using the SlashNext Logic Apps Connector and adds threat information to each malicious incident.

| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | SlashNext |
| Source | View on GitHub |

Additional Documentation

📄 Source: SlashNextPhishingIncidentInvestigation/readme.md


Prerequisites

The SlashNext Logic Apps Connector supports Basic authentication. When creating the connection, you will be asked to provide an API key. To acquire a SlashNext API key, contact support@slashnext.com or visit SlashNext.com.

Deployment Instructions

Deploy with Incident Trigger (recommended) - After deployment, attach this playbook to an automation rule so it runs when the incident is created.

Learn more about automation rules

Deploy to Azure · Deploy to Azure Gov

Post-Deployment Instructions

a. Authorize Connection

Once deployment is complete, authorize the SlashNext Logic Apps Connector connection.

  1. Click on the SlashNext connection resource
  2. Click Edit API connection
  3. Enter the API key acquired from SlashNext
  4. Click Save
