Skip to main content

Update Threat Incident

Update the incident details of a threat.

Parameters

ParameterDescription
New Incident StatusThe new incident status.Options:
in_progressresolvedunresolved
Threats IDsThreats to update their external ticket ID.

Example Output

{
"errors": [
{
"type": "object"
}
],
"data": {
"affected": "integer",
"details": [
{
"analystVerdict": "updated",
"result": "updated",
"threatId": "225494730938493804"
}
]
}
}

Workflow Library Example

Update Threat Incident with Sentinelone and Send Results Via Email

Workflow LibraryPreview this Workflow on desktop