v9.0
In the Response process is designed to automate the response for cases. This phase is fully customized to suit each customer’s specific tools and preferred workflows. Additionally, it automatically closes stale cases, which are cases that have been open for more than 30 days.
Note: This workflow is provided as a basic skeleton template and is designed to be fully customizable to suit your specific needs. Customization of the workflow will be required to align it with your exact requirements, and any adjustments made to the workflow will be the responsibility of the user.

Custom Use Case Example: “Malware”

This custom built workflow processes an alert related to a malware incident, checking the status of the malware within the system (such as whether it has been deleted or quarantined). Depending on the outcome, the workflow will either update the severity of the case or automatically resolve it by closing the case.

Custom Use Case Example: “Phishing”

This custom built workflow automates the investigation and response to phishing emails, checking email headers and variables to determine if the email is a phishing attempt, and then either closes the case or updates it based on the findings.