ThreatConnect Marketplace

Categories: SIEM and Analytics
Built by: ThreatConnect

Amazon GuardDuty Playbook

As a starting point for a variety of use cases, the Alert Processing – Amazon GuardDuty Playbook template enables the ingestion and processing of Findings from Amazon GuardDuty into ThreatConnect. The Playbook is triggered each time a GuardDuty Detector generates a new Finding. The Finding details and context are saved as a Case, and the relevant Indicators are parsed and saved as Artifacts. The Amazon GuardDuty Service app must be installed and configured before this Playbook is activated.

This Playbook template can be found in the ThreatConnect app catalog under the name: Alert Processing – Amazon GuardDuty
