Security Playbooks

Automate a wide variety of actions, from assessment of your environment to remediation actions.

Security playbooks enable automation of a variety of actions, helping reduce workload while speeding up security tasks and investigations. You can create playbooks from scratch or use templates to create playbooks and customize the settings within each playbook node to tailor the playbook to your needs. Depending on the playbook type, you can designate the playbooks run manually, periodically, or automatically in response to a trigger.

The following table outlines the tabs available in the Security Playbooks app.



Execution Results

Check playbook execution status, approve pending actions, edit playbooks, and view execution results of playbooks



  • Preview playbook templates in view-only mode and choose templates to create playbooks

  • Filter by template type using the drop-down list

  • View the templates that are applicable to Risk Insights or XDR Threat Investigation by clicking