How to create test cases to validate SOAR playbooks?

Forum|Forum|8 months ago
March 26, 2025
1 reply
49 views

ibr1
New Member

I created a bunch of SOAR playbooks to detect auth issues? But SecOps says "There are no available test cases." How do you validate the test cases in this scenario?

+16

ylandovskyy
Staff
Forum|Forum|8 months ago
March 26, 2025

Hey @ibr1 ,

Test cases can be created from existing Alerts. Here is how you would do it:

Note: you will need to refresh the playbook page after test case will be created for it to be available in the simulation mode.

Like

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded