Open or Update a Jira Issue on an Uptycs Alert - Workflow Template

Open a parent or child issue in Jira when a medium/high severity event is found. Ask a Slack channel if additional information is required.

Updated over 6 months ago

This workflow template is crafted to streamline the response to medium or high severity alerts from Uptycs within an organization. Upon receiving an alert, the process involves automatically gathering information about the affected asset and creating or updating a Jira issue to track the incident. Additionally, the workflow prompts for potential queries on the Slack channel to enrich the incident details, with options for Process List, Logged-in Users, and Shell History. Any further information gathered is then appended to the relevant Jira issue, ensuring a thorough and organized response to security alerts.

Trigger

Uptycs

Use Cases

Endpoint Detection and Response (EDR), Threat Intelligence Enrichment

Workflow Breakdown

  1. Receive a medium or high severity alert from Uptycs

  2. Gather information on the asset

  3. Open either a Jira parent issue or a child issue if a parent issue already exists

  4. Ask the Slack channel if additional information is required. Process List, Logged-in Users, and Shell History are options.

  5. Any request for additional information will be added to the Jira issue that was created.
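The routing decisions in the steps above, sketched as an added example that is not the template's own logic. Assumptions: the alert field names (`name`, `severity`, `asset`), matching a parent issue by asset, the `SEC-` issue keys, and an in-memory `Tracker` that stands in for Jira rather than calling its API.

```python
from dataclasses import dataclass, field
from typing import Optional

ACTIONABLE = {"medium", "high"}  # severities the workflow acts on
ENRICHMENTS = ("Process List", "Logged-in Users", "Shell History")  # Slack options

@dataclass
class Issue:
    key: str
    asset: str
    summary: str
    parent: Optional[str] = None  # None marks a parent issue
    comments: list = field(default_factory=list)

class Tracker:
    """In-memory stand-in for the issue tracker (hypothetical, not the Jira API)."""
    def __init__(self):
        self.issues = {}

    def parent_for(self, asset):
        # Assumption: "a parent issue already exists" means one exists for this asset.
        for issue in self.issues.values():
            if issue.asset == asset and issue.parent is None:
                return issue
        return None

    def create(self, asset, summary, parent=None):
        key = f"SEC-{len(self.issues) + 1}"  # constructed key format
        self.issues[key] = Issue(key, asset, summary, parent)
        return self.issues[key]

def handle_alert(tracker, alert):
    """Steps 1-3: drop low-severity alerts, then open a parent or a child issue."""
    if alert["severity"].lower() not in ACTIONABLE:
        return None
    parent = tracker.parent_for(alert["asset"])
    return tracker.create(alert["asset"], alert["name"],
                          parent.key if parent else None)

def add_enrichment(issue, choice, output):
    """Steps 4-5: accept only the offered options and append the result."""
    if choice not in ENRICHMENTS:
        raise ValueError(f"unsupported enrichment: {choice}")
    issue.comments.append(f"[{choice}]\n{output}")
    return issue
```

Restricting `add_enrichment` to the three listed options keeps a Slack reply from turning into an arbitrary query against the endpoint.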

Vendors

Slack, Utils, Jira Cloud, Uptycs

Workflow Output

Updates via the Slack channel and Jira issue.
