Integrate with Gem to use alerts as a trigger for Cortex XSOAR’s custom playbooks, and automate response to specific TTPs and scenarios.
The Gem Cortex XSOAR content pack adds a special playbook trigger for Gem alerts, as well as built-in Gem actions and pre-defined playbooks to use with specific cloud incidents.
Use Gem alerts as a trigger for Cortex XSOAR’s custom playbooks, and automate response to specific TTPs and scenarios.
This pack enables the following:
Import/subscribe to Gem alerts and use them as playbook triggers, including all the cloud-related context, from involved entities to triggering events
Run Gem API actions using XSOAR commands to automatically manage incidents, sync status bi-directionally, and effectively contain suspicious activity, all in a seamless, cloud-native way
Respond automatically using pre-defined playbooks for specific scenarios like a compromised machine and root user activity
For more information, visit https://gem.security.
The Gem Cortex XSIAM content pack adds a special playbook trigger for Gem alerts, as well as built-in Gem actions and pre-defined playbooks to use with specific cloud incidents.
Use Gem alerts as a trigger for Cortex XSIAM’s custom playbooks, and automate response to specific TTPs and scenarios.
This pack enables the following:
Import/subscribe to Gem alerts and use them as playbook triggers, including all the cloud-related context, from involved entities to triggering events
Run Gem API actions using XSOAR commands to automatically manage incidents, sync status bi-directionally, and effectively contain suspicious activity, all in a seamless, cloud-native way
Respond automatically using pre-defined playbooks for specific scenarios like a compromised machine and root user activity
For more information, visit https://gem.security.