Follow the playbook development flow to create playbooks that structure and automate many of your security processes.
The playbook development checklist follows the logical flow for developing a playbook.
We recommend that you review the following steps to successfully implement your playbook.
Step | Details | See More |
|---|---|---|
Step 1. Plan your playbook | During the initial planning stage when designing your use case, start defining the playbook flow. Consider the process you want to automate and the steps and the decisions during the process. These steps and decisions become the playbook tasks. | |
Step 2. Build your playbook | Consider whether to use a playbook out-of-the-box, customize an existing playbook, or create a new playbook from scratch. Create playbook tasks, inputs, and outputs. Maintain playbook versioning to keep track of playbook development history. | |
Step 3. Customize your playbook | Fine tune your playbook for your needs, including extracting indicators, extending context, and adding issue fields to the system. | |
Step 4. Test your playbook | Debug errors in your playbook. Use playbook metadata to troubleshoot playbook performance. |