SSO password spray playbook #36548
SSO password spray playbook #36548
Conversation
There was a problem hiding this comment.
how this change is related to the SSO password spray playbook?
There was a problem hiding this comment.
Just saw this small mistake in Arik's trigger file and told him that I will fix in my PR.
There was a problem hiding this comment.
please make this playbook more visually compact, it has less than 20 tasks but visually looks very long
| task: | ||
| id: 7da596f4-aa21-49e1-8640-366e9803b7cf | ||
| version: -1 | ||
| name: Is the user agent suspicious or user risk score high? |
There was a problem hiding this comment.
It is not clear from the task name if and how you consider the interval analysis, please clarify
There was a problem hiding this comment.
Please use the same format as Arik's and Omri's format in the Suspicious SaaS Access From a TOR Exit Node & A successful SSO sign-in from TOR Playbooks
(new line after Early Containment etc..)
There was a problem hiding this comment.
We will make it more compact together @AdiPeret @karinafishman
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
fixes: https://jira-dc.paloaltonetworks.com/browse/CIAC-11356
Description
A few sentences describing the overall goals of the pull request's commits.
Must have