Working with automated flows
Use these defined steps to learn how you can use the automated flows in TISC and its capabilities.
Create flows that run with TISC roles. In TISC the flows are created for the following:
- Automated IOC Enrichment
- Analyze, assess and disseminate on the IoC’s related to threat
- Analyze, assess the IoC’s related to the threat and create incident.
- Vulnerability Management Support.
- Zero-day vulnerability tracking.
- Automatic Threat Actor priority tagging.
Note:
All the flows are templates which are shipped in draft state for the users to customize or copy according to their own needs.
Reusable Actions
| Flow action | Description |
|---|---|
| Add Tag To Entity | Adding tags support to entities representing observables, indicators, and objects. |
| Remove tag from entity | Removing tags support to entities representing observables, indicators, and objects. |
| Add Taxonomy To Entity | Adding taxonomy values support to entities representing observables, indicators, and objects. |
| Remove Taxonomy from entity | Removing taxonomy values support to entities representing observables, indicators, and objects. |
| Check if IP address is in CIDR range | Checking if an IP address in inside a CIDR range. |
| Check if IP address is in range | Checking if an IP address is in between from and to range. |