LogoLogo
API DocumentationIntegrationsPlexTrac.com
  • Product Documentation
    • Using This Site
    • Security Advisories
    • Deployment and Maintenance Policy
    • Supported Applications
  • PlexTrac Modules
    • Dashboard
    • Clients
      • Clients Components
      • Creating a Client
      • Managing Clients
      • Managing Client Users
      • Adding Assets to a Client
      • Managing Assets
    • Schedule
      • Schedule Components
      • Creating an Engagement
      • Requesting an Engagement
      • Managing Engagements
      • Engagement Status
    • Assessments
      • Assessment Components
      • Managing Questionnaires
      • Starting an Assessment
      • Taking an Assessment
      • Reviewing an Assessment
      • Submitting an Assessment
    • Reports
      • Report Components
      • Creating a Report
      • Adding from NarrativesDB
      • Editing a Report
      • Using Short Codes in Reports
      • Findings
        • Creating a Finding
        • Collaborative Editing
        • Importing Findings from a File
        • CSV Findings Templates
          • Using Report Findings CSV Template
        • Importing Findings via an Integration
        • Importing Findings from WriteupsDB
        • Finding Status
        • Creating Jira Tickets
        • CVSS Scoring
        • Affected Assets
      • Importing a Report
      • Exporting a Report
    • Priorities
      • Priorities Components
      • Creating a Priority
      • Linking Findings and Assets
      • Managing Priorities
      • Priorities Metrics
    • Content Library
      • Types of Repositories
      • NarrativesDB
        • NarrativesDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Managing Sections
        • Creating a Section
      • WriteupsDB
        • WriteupsDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Creating a Writeup
        • Copying a Writeup
        • Adding to a Report
        • Importing via CSV Template
      • RunbooksDB
        • RunbooksDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Creating a Procedure
        • Creating a Technique
        • Creating a Tactic
        • Creating a Methodology
    • Analytics
      • Findings
      • Assets
      • Runbooks
      • Trends & SLAs
    • Runbooks
      • Managing Engagements
        • Starting an Engagement
        • Submitting an Engagement
      • Managing Test Plans
        • Creating a Test Plan
        • Exporting a Test Plan
  • Tenant Management
    • Account Management
      • Profile (Personal Settings)
        • Managing User Profile
        • Managing Password
        • Setting Up Two-Factor Authentication
      • Account Admin
        • Tenant Settings
          • Account Information
          • General Settings
          • Email Settings
          • Tags Settings
          • Service-Level Agreements (SLAs)
          • Short Codes
        • Customizations
          • Layouts
          • Templates
            • Report Templates
            • Export Templates
            • Style Guides
          • Theme
        • Automations
          • Risk Scoring
            • Creating Equations
            • Managing Priority Equations
          • Parser Actions
        • Integrations & Webhooks
          • Integrations (API)
            • Cobalt
            • Edgescan
            • HackerOne
            • Jira
            • ServiceNow
            • Tenable Vulnerability Management
            • Tenable Security Center
          • Webhooks
        • Security & User Management
          • Audit Log
          • Security
            • Authentication Methods
              • OAuth/OpenID Setup
                • Microsoft Entra ID
                • Google OAuth
                • Okta
                • OpenID Connect
              • SAML Setup
            • General Authentication Settings
            • Authorization
            • Role Based Access (RBAC)
              • Custom Roles
            • Classification Tiers
          • Users
            • Adding Users
            • Managing Users
        • Licensing
          • Licensing
          • Priorities
          • Plex AI
            • Using AI
        • White Labeling
      • Help Center
      • Logout
    • Integrations and File Imports
      • Acunetix
      • BlindSPOT
      • Burp Suite
      • Checkmarx
      • Core Impact
      • HCL AppScan
      • Invicti
      • Nessus
      • Nexpose
      • Nipper
      • Nmap (Assets)
      • Nmap Vulners NSE
      • Nodeware
      • NodeZero
      • OpenVAS
      • OWASP ZAP
      • Pentera
      • Qualys (VM Parser)
      • Qualys (Web App Scanner)
      • RapidFire
      • Scythe
      • Veracode
  • API Documentation
    • Overview
    • Concept Definitions
    • Getting Started
    • Retrieving Parameter IDs
    • Object Structures
      • Client Object
      • Report Object
      • Finding Object
      • Asset Object
      • Evidence Object
    • Use Cases
    • API Change Policy
      • API Change Log
    • Webhooks
      • Webhook Payload Structure
      • Verifying Sender Requests
Powered by GitBook

Resources

  • Privacy Policy
  • Terms of Use
  • Vulnerability Policy

© 2025 PlexTrac, Inc. All rights reserved.

On this page
  • Repositories Tab
  • Procedures Tab
  • Configuring Table View
  • Techniques Tab
  • Configuring Table View
  • Tactics Tab
  • Configuring Table View
  • Methodologies Tab

Was this helpful?

Export as PDF
  1. PlexTrac Modules
  2. Content Library
  3. RunbooksDB

RunbooksDB Home Page

PreviousRunbooksDBNextManaging Repositories

Last updated 2 months ago

Was this helpful?

The RunbooksDB home page consists of five tabs:

  • Repositories: A set of processes that can be reused and have controlled access.

  • Procedures: A set of steps required to execute a tactic. For example, a procedure for browser extension-based persistence could describe how a malicious extension is injected to maintain persistence.

  • Techniques: A grouping of procedures. Techniques are added to a tactic for use in an engagement. For example, if a tactic is persistence, a technique could exist for browser extensions.

  • Tactics: A grouping of techniques. Tactics are added to a methodology for use in a runbook. This usually represents a type of attack, such as persistence or a privilege escalation from the framework. This can also be a logical grouping or structure for techniques.

  • Methodologies: A grouping of tactics that are put into a runbook. It contains a title, ID, description, and the selected series of tactics. Tactics can be chosen to apply to the methodology when used as a runbook. This is similar to how the MITRE ATT&CK is broken down, where the methodology represents the framework for TTPs.

Repositories Tab

PlexTrac provides a container for all instances called "PlexTrac Curated" that contains community-produced procedures on MITRE/CTI.

This repository contains over 1,500 MITRE procedures from the ATT&CK matrix that can be leveraged. It is available to all users and cannot be deleted.

Once a test plan is imported, another default repository is created. This repository contains all procedures included in the imported test plans.

The default repositories cannot be deleted.

Once added, any additional repositories will be displayed on the page alphabetically according to their title.

Each repository card offers an overview of its contents and settings. It includes the Repository Title, which helps identify the repository, and the Repository Type, which can be categorized as Open, Managed, or Private. The meatballs menu provides convenient options for copying or deleting the repository. Additionally, a Repository Description is available for further context. The card also displays the number of procedures contained, giving insight into the repository's complexity and the number of added users. This indicates the level of collaboration or access granted to others.

Procedures Tab

To view all procedures, click the Procedures tab. This view will display helpful information such as the procedure ID, repository ID, methodology, repository, source, assigned tags, and the ability to edit or delete a procedure.

Configuring Table View

The table view can be customized by clicking the column view icon to the right of the search bar.

Techniques Tab

Click the Techniques tab to view all techniques. This view will display the title, ID, leveraged tactics, and the ability to edit or delete them.

Configuring Table View

The table view can be customized by clicking the column view icon to the right of the search bar.

Tactics Tab

To view all tactics, click the Tactics tab. This view will display the title, ID, leveraged methodology, and the ability to edit or delete.

Configuring Table View

The table view can be customized by clicking the column view icon to the right of the search bar.

Methodologies Tab

Click on the Methodologies tab to see all methodologies and find the title, ID, and options to edit or delete them.

MITRE ATT&CK