Integrate a SOAR playbook for NetApp Ransomware Resilience
Contributors
Suggest changes
PDFs
Ransomware Resilience offers security orchestration, automation, and response (SOAR) playbooks that enable you to automate tasks such as threat response.
Ransomware Resilience playbooks offer the following capabilities:
-
Create a snapshot of a volume
-
Enrich an IP address with threat intelligence
-
Enrich storage information for a given agent and system
-
Take a volume offline for incident response
-
Test connectivity
-
Review the status of an enrichment job
Playbooks
Ransomware Resilience offers playbooks for Microsoft Sentinel and Splunk. Review the respective GitHub pages for setup details.
|
For Splunk Cloud, you must be running platform version 7.0, 7.1, 7.2, 8.0, or 8.4. For more information, see Splunkbase. |