Skip to main content

Initial SentinelOne Case Creation - Workflow Template

Receives an alert event from SentinelOne and creates a case with Torq using the field mapping nested workflow.

Updated today

This workflow template, "Initial SentinelOne Case Creation," automates the process of handling threat alerts from SentinelOne. When an alert is triggered, the workflow maps the alert fields to a predefined case layout, ensuring all relevant information is captured. It then creates a new case within Torq using the detailed mappings. By automating case creation with precise field mapping, this template enhances the efficiency of security incident responses and streamlines case management workflows for organizations.

Take Me to the Template

Trigger

SentinelOne

Use Cases

Case Management

Workflow Breakdown

  1. Receives an alert event on a SentinelOne Trigger.

  2. Map alert fields to a predefined case layout.

  3. Creates a new case for the alert with a predefined layout.

Vendors

Utils, Torq Cases

Tips

Related Articles
Initial Microsoft Defender for Endpoint Case Creation - Workflow Template
Initial Intezer Case Creation - Workflow Template
Poll for new SentinelOne Threats and Open a Torq Case - Workflow Template
Poll for new CrowdStrike Alerts and Open a Torq Case - Workflow Template
Initial CrowdStrike Case Creation - Workflow Template
Did this answer your question?