All, In order to help us have concrete discussions and ensure that we are designing things that will work, I would encourage people to add a real example in the Use Cases document. To this end I have started fleshing out a malware cleanup playbook. You can find it here:
https://docs.google.com/document/d/19JxhZ-rzJTm2AknJL3YnrVRr4L_TFGnszlHoCDWqiWc/edit#heading=h.4iz8u0rgxtuh Please feel free to add to it, expand it, clean it up, etc. You will also see that I am trying to figure out what the JSON structure would look like to capture this information. You will find it below the text for the playbook. It is very much a super early work in progress. Please feel free to add, change, or expand. If you have a totally different idea for how to do it, please add your solution below it. We are just trying to get people thinking and designing. I call this, throwing spaghetti at the wall and seeing what sticks phase. Bret