Working with automated flows
Use these defined steps to learn how you can use the automated flows in TISC and its capabilities.
Create flows that run with TISC roles. In TISC the flows are created for the following:
- Automated IOC Enrichment
- Analyze, assess and disseminate on the IoC’s related to threat
- Analyze, assess the IoC’s related to the threat and create incident.
- Vulnerability Management Support.
- Zero-day vulnerability tracking.
Note:
All the flows are templates which are shipped in draft state for the users to customize or copy according to their own needs.
Reusable Actions
| Flow action | Description |
|---|---|
| Add Tag To Entity | Adding tag to an entity which supports it (observable/indicator/object). |
| Remove tag from entity | Removing tag to an entity which supports it (observable/indicator/object). |
| Check if IP address is in CIDR range | Checking if an IP address in inside a CIDR range. |
| Check if IP address is in range | Checking if an IP address is in between from and to range. |