USM Anywhere enables you to create and manage manual and automated playbooks. These playbooks allow you to accelerate your threat detection and incident response process by streamlining and automating common or alarm-specific workflows. Playbooks provide you the ability to choose a set of steps that should be taken to respond to alarms. Automated playbooks run automatically when an alarm is triggered based off an alarm rule, while manual playbooks require users to manually execute the actions within the playbook as part of their response to the alarm in USM Anywhere.

This topic discusses these subtopics: