This Torq workflow template is designed for rapid incident response to malware events detected by Veeam Backup & Replication. It streamlines the process of creating and managing cases within Torq by auto-generating a case with predetermined severity levels and service level agreements (SLAs) based on the severity of the malware alert. For "Warning" alerts, cases are given HIGH priority with a 4-hour SLA, while "Error" alerts marked as Infected escalate to CRITICAL severity alongside a 1-hour SLA. An integrated Runbook is also attached to guide responders through the resolution process, ensuring efficient and effective response to potential security incidents.
Use Cases
Case Management, DSPM
Workflow Breakdown
Upon detection of malware events, creates a case in Torq to investigate and resolve the issue.
Sets the severity and SLA for each case based on the Veeam alarm status.
If the Veeam ONE alarm status is Warning, the Torq severity is set to HIGH, and the SLA is 4 hours.
If the Veeam ONE alarm status is Error and the severity is Infected, the Torq severity is set to CRITICAL, and the SLA is 1 hour.
Attaches a predefined Runbook.
Vendors
Utils, Torq Cases