In my view, customer should have the capability to update runbooks according to their own choice. Whatever we are providing that's great but we should also allow user to inject their own scripts in between given command stages to allow inbuilt customization for their own use cases.
For example, if a customer wants to notify vendors through emails during the ongoing investigation/detection of an attack, they should be able to inject a piece of python code as an utility. This can be a selling point in "ease of remediation" section.
In my view, customer should have the capability to update runbooks according to their own choice. Whatever we are providing that's great but we should also allow user to inject their own scripts in between given command stages to allow inbuilt customization for their own use cases.
For example, if a customer wants to notify vendors through emails during the ongoing investigation/detection of an attack, they should be able to inject a piece of python code as an utility. This can be a selling point in "ease of remediation" section.