Security Operations Integration - Block Request Flow

  • Release version: Xanadu
  • Updated August 1, 2024
  • 1 minute to read

    • The Security Operations Integration - Block Request flow is a high-level flow independent of integrations. It blocks observables associated with a security incident. Use it to fulfill an integration such as Palo Alto Networks - Firewall.

    Before you begin

    Role required: sn_si.analyst

    About this task

    The Security Operations Integration - Block Request flow can be triggered on an observable form, or from the Security Incident Observables related list on a security incident. On a list, it is in the drop-down action menu. On a form, it is a related link. Blocking a request is available only when you have an implementation installed for the block request capability.

    Figure 1. Block Request
    Flow designer for Security Operations Integration- Block Request Flow

    Activities specific to this flow are described here. For more information on other activities, see Common Security Operations integration flows and orchestration Flow Actions.