Which device can execute tasks based on a configured playbook in FortiSOC?

The capability to execute tasks based on a configured playbook in FortiSOC is tied specifically to devices that have been configured with a FortiSOC fabric connector. This integration allows these devices to communicate effectively with FortiSOC, facilitating the execution of automated responses as outlined in the playbook.

The FortiSOC fabric connector acts as a bridge, enabling the sharing of information and coordination of actions between FortiSOC and other compatible devices in the network. When a threat is detected and a relevant playbook is triggered, the configured device can take predefined actions, such as blocking traffic, sending notifications, or collecting additional data, based on its interaction with FortiSOC.

This is a sophisticated feature that leverages the orchestration capabilities of FortiSOC to improve incident response times and enhance overall security posture by automating certain tasks. Devices that do not have this specific connector may not be able to execute playbook tasks effectively, as they lack the necessary integration with FortiSOC for this purpose.