Follow the playbook development flow to create playbooks that structure and automate many of your security processes.
The playbook development checklist follows the logical flow for developing a playbook.
We recommend that you review the following steps to successfully implement your playbook.
Step | Details | See More |
---|---|---|
Step 1. Plan your playbook | During the initial planning stage when designing your use case, start defining the playbook flow. Consider the process you want to automate and the steps and the decisions during the process. These steps and decisions become the playbook tasks. | |
Step 2. Develop your playbook | Consider whether to customize an existing playbook or create a new playbook from scratch. Create playbook tasks, inputs, and outputs. Maintain playbook versioning to keep track of playbook development history. | |
Step 3. Customize your playbook | Fine tune your playbook for your needs, including extracting indicators, extending context, and adding incident fields to the system. | |
Step 4. Debug your playbook | Debug errors in your playbook. Use playbook metadata to troubleshoot playbook performance. |