Description
Course Content
- Automation best practices
- The visual playbook editor
- Using actions and decisions
- Using action results
- Testing and debugging playbooks
- User interaction
- Output formatting
- Complex logic
- Interacting with artifacts
- Using the vault in a playbook
- Custom lists
Who should attend
IT and security practitioners
Prerequisites
To be successful, students should have a solid understanding of the following:
- Familiarity with Python programming
- One of the following:
- Administering SOAR (preferred)
- Using SOAR Video Courses
Outline: Developing SOAR Playbooks (DSOARP)
Topic 1 – Introduction to Playbooks
- Understand automation best practices
- Design playbooks
- Python support
- Use the playbook manager
Topic 2 – Visual Playbook Editor
- Use the visual playbook editor
- Use actions and decisions
- Process action results
- Test new playbooks
Topic 3 – User Interaction and Logic
- Interact with users during playbook execution
- Format outputs
- Use decision blocks
Topic 4 – Accessing and Formatting Data
- Accessing action results
- Accessing artifact and container data
- Formatting data
Topic 5 – Modular Playbook Development
- Calling other playbooks
- Creating artifacts
- Sending email
- Passing data between playbooks
Topic 6 – Custom Lists and Filters
- Custom list concepts
- Create custom lists
- Access lists from playbooks
- Use filters