This Torq workflow template enables automated information gathering about AWS instances when an IP address is mentioned in a Microsoft Teams message. The bot triggers a search for the specified IP address in Wiz, collecting detailed information such as Security Group Rules, NIC details, and Instance IDs. It then returns a comprehensive report via Teams, enhancing response times and streamlining communication for cloud security management and incident response.
Trigger
Microsoft Teams Bot
Optional Triggers
Slack
Use Cases
CSPM, Security Bots
Workflow Breakdown
Find all IP Addresses that are provided from the Microsoft Teams message
Search for the IP Address and loop over each instance found
Gather Security Group, NIC, Instance ID and any Issues listed for the instance
Provide detailed findings back to the originator via Microsoft Teams
Vendors
Utils, Wiz, Microsoft Teams Bot
Workflow Output
Detailed information back via Microsoft Teams