Playbooks that will be triggered by time
Thomas Giligan Member
I thought it would bring great value if Siemplify will have a module\playbook that will automatically run on different threat intel sites once a day for example and extract threat intelligence from intelligence sources.
extract and? store on siemplify server? Use it immediately for i.e. threat hunting playbook?
I guess that could be done by a job.
Yea it can be done with a job. Maybe it would be a good idea to allow running integrations directly from the job and even allow creating alerts with playbooks attached to them to initiate a process based on findings.
I too think running playbooks as a job would be a good enhancement.
Because as far as I know, all jobs are code, so for people who don't know how to code their own jobs, this could help a lot :)