This workflow template automates the response to potential data leaks by identifying and acting on personal identifiable information (PII) detected in Google Drive files by BigID. Upon detection, it notifies the file owner through Slack and manages incident tracking by creating parent and child Jira issues for the affected files. Finally, it sends summary information to a designated Slack channel, ensuring that data leak prevention (DLP) and application security operations teams can intervene promptly.
Trigger
BigID
Use Cases
Application Security Operations ,DLP
Workflow Breakdown
Receive a trigger from BigID on PII findings from Google Drive
Gather event findings from BigID
For each file owner, update via Slack of files that are affected
Check if a parent Jira issue is opened for the owner, if not open a parent issue
Check if a child issue is opened for the file, if not open a new sub-task issue under the parent
Send a summary Slack message to a Slack channel with a snippet containing the details
Vendors
Slack, Utils, Google Drive, Jira Cloud, BigID
Workflow Output
Jira issue for each file owner and Slack messages directly to the file owner if they are found in Slack.