Update the incident details of a threat.

Parameters

ParameterDescription
New Incident StatusThe new incident status.Options: in_progressresolvedunresolved
Threats IDsThreats to update their external ticket ID.

Example Output

{
	"errors": [
		{
			"type": "object"
		}
	],
	"data": {
		"affected": "integer",
		"details": [
			{
				"analystVerdict": "updated",
				"result": "updated",
				"threatId": "225494730938493804"
			}
		]
	}
}

Workflow Library Example

Update Threat Incident with Sentinelone and Send Results Via Email

Preview this Workflow on desktop