Views:

View the required entitlement needed to access each type of playbook.

The availability of certain playbook templates and the ability to execute playbooks depends on your license entitlement for the associated Trend Vision One features and the required data source configuration in Attack Surface Risk Management.
To view the credits needed for each required entitlement, see Credit requirements for Trend Vision One apps and services.
The following table details the requirements for each playbook type.
Category
Template
Required Data Source
Required Entitlement
Attack Surface Risk Management
Risk Reduction
Data sources in Attack Surface Risk Management
Attack Surface Risk Management
CVEs with Global Exploit Activity - Internal Assets
  • XDR Endpoint Sensor
  • Third-party data sources (Nessus Pro, Qualys, Rapid7, or Tenable.io)
CVEs with Global Exploit Activity - Internet-Facing Assets
Root domain configuration in Attack Surface Discovery
Account Configuration Risk
  • Microsoft Entra ID
  • Active Directory (on-premises)
XDR Threat Investigation
Incident Response Evidence Collection
XDR Endpoint Sensor
  • XDR Threat Investigation
  • Credits allocation to the Forensics app
Automated Response Playbook
Data sources / processors
XDR Threat Investigation
Endpoint Response Actions
XDR Endpoint Sensor