Many of you have asked for it, and it is now available!
This new playbook lets you manually enrich your XDR alerts, directly in the comments, with data from https://www.abuseipdb.com/. AbuseIPDB is a project managed by Marathon Studios Inc. that provides a crowdsourced list of malicious IPs.
As usual, this enrichment can be deployed in 3 clicks from our catalog of playbook templates. The only thing you need is an AbuseIPDB API key, so let’s automate your alerts workflow!