SOAR Playbooks
Security Orchestration, Automation & Response
+ New Playbook
Refresh
-
Active Playbooks
-
Total Executions
-
Success Rate
-
Last Triggered
Playbooks
Execution History
Loading...
Loading...
New Playbook
Playbook Name
Description
Trigger Event
Incident Created
Incident Escalated
Critical Detection
Honeyport Hit
Credential Triggered
SSH Session Auth
Cooldown (seconds)
Trigger Conditions
Match severity level
e.g., 10.0.0.0/8, 192.168.1.0/24
Actions
+ Add Action
Cancel
Save Playbook
Dry-Run Playbook
Sample Trigger Data (JSON)
{"severity": "critical", "source_ip": "203.0.113.42", "detection_type": "ssh_canary_login"}
Close
Run Test