This Torq workflow template automates incident response for Sweet Security alerts by enabling SOC teams to manage incident statuses through Slack. It retrieves incident information, alerts the SOC team in a designated Slack channel, allows for confirmation of activities with the involved user, and facilitates incident status updates and resolutions directly in Slack. This streamlines communication and accelerates the handling and remediation of network and web security alerts.
Trigger
Use Cases
Remediate Network Security Alerts, Remediate Web Security Alerts
Workflow Breakdown
Retrieve incidents from the platform.
Notify the SOC team via a designated Slack channel.
Confirm activity with the suspected user and enrich the event with their response.
Update and resolve incident status directly through Slack.
Vendors
Slack, Utils
Tips
Add the Webhook URL to the Sweet Platform through the Torq integration by navigating to Settings -> Integration.
For the initial setup, click on 'Create New Integration' and enter the Client ID and Secret provided by Sweet.