![]() ![]() ![]() Furthermore, the playbook supports following actions to ensure that the malicious activity is contained:įurther, after completing the containment actions, an email notification is sent to all the relevant users (defined in the playbook). The playbook fetches the hash reputation from VirusTotal as can be seen in the following screenshot.Īfter getting the Hash Analysis Report, the playbook is set to change the disposition of alert to incident and increase the severity of the incident to High if the hash is reported by 10 or more malware engines. SIRP automatically parses all the artifacts received in an alert and then executes a playbook. These playbooks help analysts with enriching their investigative data, threat hunting, and endpoint remedial actions.Ĭonsider an example in which the alert ingested from Trend Micro Apex Central has a SHA-1 hash. Security teams can automate their response to endpoint alerts received from Trend Micro Apex Central by creating playbooks in SIRP. Fueled by decades of security expertise, global threat research, and. Thus, it is critical to orchestrate endpoint protection by utilizing multiple security controls and processes vital to the overall security posture. About Trend Micro Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Any malicious endpoint, if not handled timely, can be a potential entry point for a cyber attack on the entire organization. Endpoints being one of the major part of a corporate infrastructure need to be protected vigilantly. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |