Security Operations Integration - Publish to Watchlist Flow

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:1分

    • The Security Operations Integrations - Publish to Watchlist flow is a high-level flow independent of integrations. It adds observables to third-party watchlist that support the capability. Use it to fulfill an integration.

    始める前に

    Role required: sn_si.analyst

    このタスクについて

    This flow is visible and runs only when an integration is available. It is triggered from the Observables or Associated Indicators tab on a security incident.

    図 : 1. Publish to Watchlist
    Security Operations Integration - Publish to Watchlist capability flow

    Activities specific to this flow are described here. For more information on other activities, see Common Security Operations integration flows and orchestration activities.