Change Sweet Security incident statuses via Slack Integration - Workflow Template

Notify SOC and users of Sweet Security alerts, enriching incidents with responses.

Updated over 3 weeks ago

This Torq workflow template automates incident response for Sweet Security alerts by enabling SOC teams to manage incident statuses through Slack. It retrieves incident information, alerts the SOC team in a designated Slack channel, allows for confirmation of activities with the involved user, and facilitates incident status updates and resolutions directly in Slack. This streamlines communication and accelerates the handling and remediation of network and web security alerts.

Trigger

Use Cases

Remediate Network Security Alerts, Remediate Web Security Alerts

Workflow Breakdown

  1. Retrieve incidents from the platform.

  2. Notify the SOC team via a designated Slack channel.

  3. Confirm activity with the suspected user and enrich the event with their response.

  4. Update and resolve incident status directly through Slack.

Vendors

Slack, Utils

Tips

  • Add the Webhook URL to the Sweet Platform through the Torq integration by navigating to Settings -> Integration.

  • For the initial setup, click on 'Create New Integration' and enter the Client ID and Secret provided by Sweet.
