Activate a Security Incident Response flow

  • Freigeben Version: Australia
  • Aktualisiert 12. März 2026
  • 1 Minute Lesedauer

    • Security administrators and flow designers can use the Security Incident Response flows to automate the process of resolving security incidents in the organization.

    Vorbereitungen

    Role required: sn_si.admin, action_designer, and flow_designer

    Warum und wann dieser Vorgang ausgeführt wird

    The flows provided with the base system are in an inactive state. Activate these flows before you use them.

    Prozedur

    1. Download and install the Security Operations Spoke application.
      This Spoke application provides security operations actions that you can use while defining Security Incident Response flows.
    2. Navigate to Flow Designer > Designer and search for the Security Operations Spoke application to view the Security Incident related flows.
      Security Incident Management SpokesNotice that the flows have a published status and are inactive.
    3. For example, if you want to activate the Automated Malware Playbook flow, click the Security Incident - Automated Phishing Playbook - Template V1 link to view the flow.
      Automated Phishing Playbook Template
      Hinweis:
      You cannot edit the flows provided with the base system as they are read-only flows. You can use these flows as they are or make a copy and modify them as required.
    4. Click Activate to activate the flow.

    Ergebnisse

    The Automated Phishing Playbook flow is active and ready to use.