Activate a Security Incident Response flow

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • Security administrators and flow designers can use the Security Incident Response flows to automate the process of resolving security incidents in the organization.

    Avant de commencer

    Role required: sn_si.admin, action_designer, and flow_designer

    Pourquoi et quand exécuter cette tâche

    The flows provided with the base system are in an inactive state. Activate these flows before you use them.

    Procédure

    1. Download and install the Security Operations Spoke application.
      This Spoke application provides security operations actions that you can use while defining Security Incident Response flows.
    2. Navigate to Flow Designer > Designer and search for the Security Operations Spoke application to view the Security Incident related flows.
      Security Incident Management SpokesNotice that the flows have a published status and are inactive.
    3. For example, if you want to activate the Automated Malware Playbook flow, click the Security Incident - Automated Phishing Playbook - Template V1 link to view the flow.
      Automated Phishing Playbook Template
      Remarque :
      You cannot edit the flows provided with the base system as they are read-only flows. You can use these flows as they are or make a copy and modify them as required.
    4. Click Activate to activate the flow.

    Résultats

    The Automated Phishing Playbook flow is active and ready to use.