Response Workflows
In the Response process is designed to automate the response for cases. This phase can be fully customized to suit each customer's specific tools and preferred workflows. Additionally, it automatically closes stale cases, which are cases that have been open for more than 30 days.
Custom Use Case Example: "Malware Subflow"
This custom built subflow processes an alert related to a malware incident, checking the status of the malware within the system (such as whether it has been deleted or quarantined). Depending on the outcome, the workflow will either update the severity of the case or automatically resolve it by closing the case.
Custom Use Case Example: "Phishing Subflow"
This custom built subflow automates the investigation and response to phishing emails, checking email headers and variables to determine if the email is a phishing attempt, and then either closes the case or updates it based on the findings.