Activate a Security Incident Response flow

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 2분

    • Security administrators and flow designers can use the Security Incident Response flows to automate the process of resolving security incidents in the organization.

    시작하기 전에

    Role required: sn_si.admin, action_designer, and flow_designer

    이 태스크 정보

    The flows provided with the base system are in an inactive state. Activate these flows before you use them.

    프로시저

    1. Download and install the Security Operations Spoke application.
      This Spoke application provides security operations actions that you can use while defining Security Incident Response flows.
    2. Navigate to Flow Designer > Designer and search for the Security Operations Spoke application to view the Security Incident related flows.
      Security Incident Management SpokesNotice that the flows have a published status and are inactive.
    3. For example, if you want to activate the Automated Malware Playbook flow, click the Security Incident - Automated Phishing Playbook - Template V1 link to view the flow.
      Automated Phishing Playbook Template
      주:
      You cannot edit the flows provided with the base system as they are read-only flows. You can use these flows as they are or make a copy and modify them as required.
    4. Click Activate to activate the flow.

    결과

    The Automated Phishing Playbook flow is active and ready to use.