Playbook
-
Setup ChecklistPrepares your team to create the best phishing handling workflow.
-
High-level phishing handle life-cycle checklistIncludes a comprehensive checklist that guides your team.
-
Phishing Handling WorkflowOutlines the exact actions to take when a phishing email is detected.
automated
phishing playbook
Our phishing email incident response playbook on the UnderDefense MAXI platform ensures rapid identification and mitigation of phishing threats. It guarantees timely detection and immediate containment measures, complemented by thorough analysis to ascertain scope and origin.
Trigger: The playbook activates upon detecting a phishing email alert from various sources (IAM, Workspace integration, email security systems).
Enrichment: Gathers detailed information on affected users, sender analysis, all targets, and email history.
Containment: Takes decisive actions like quarantining emails, locking out recipients, and notifying the security team.
Remediate:: Restore security by resetting passwords, deleting malicious files, and removing systems from isolation.