The "Initial Intezer Case Creation" workflow template is designed to streamline case management by automating the creation of new cases from Intezer alerts. This workflow maps alert fields to custom fields and observables, ensuring that all relevant information is captured and organized in a predefined layout. It is particularly useful for security teams looking to efficiently manage and respond to alerts by creating detailed cases that include observables, custom fields, and markdown tables. This template can be triggered as a function after receiving or fetching Intezer alerts, providing a structured approach to incident response and case management.
Optional Triggers
Use this workflow as a function after receiving or fetching Intezer alerts.
Use Cases
Case Management
Workflow Breakdown
Map alert fields to custom fields and observables.
Create a new case for the alert with a predefined layout.
Vendors
Utils, Torq Cases
Workflow Output
Select extended output to get complete case details.
