Skip to main content

Workflow Template: Initial SentinelOne Case Creation

Receives an alert event from SentinelOne and creates a case with Torq using the field mapping nested workflow.

Updated yesterday

The "Initial SentinelOne Case Creation" workflow template streamlines the process of managing security alerts by automating case creation in Torq. Upon receiving an alert from SentinelOne, the workflow maps alert fields to a predefined case layout, ensuring consistent and efficient case management. This template is ideal for organizations looking to enhance their incident response capabilities by integrating SentinelOne alerts into their case management system, reducing manual effort and improving response times.

Take Me to the Template

Trigger

CrowdStrike

Use Cases

Case Management

Workflow Breakdown

  1. Receives an alert event on a SentinelOne Trigger.

  2. Map alert fields to a predefined case layout.

  3. Creates a new case for the alert with a predefined layout.

Vendors

Utils, Torq Cases

Tips

Related Articles
Workflow Template: Initial Microsoft Defender for Endpoint Case Creation
Workflow Template: Initial Intezer Case Creation
Workflow Template: Poll for new SentinelOne Threats and Open a Torq Case
Workflow Template: Poll for new CrowdStrike Alerts and Open a Torq Case
Workflow Template: Initial CrowdStrike Case Creation
Did this answer your question?