Validate Gem Alert Events in Slack - Workflow Template

Communicate with a user through Slack to validate a security alert.

Updated over 6 months ago

This workflow template, "Validate Gem Alert Events in Slack," is designed for security incident validation. It starts when a promising alert is flagged by Gem Security Monitoring. The workflow extracts the list of triggering events, sends them to the involved user via Slack, and asks that user to confirm whether they performed those actions. Once the user's acknowledgment is collected, it is added to the alert's timeline within Gem, creating a clear record of the validation process for security teams.

Trigger

Gem

Use Cases

CSPM

Workflow Breakdown

  1. Extract the list of triggering events from the alert's timeline

  2. Send the events list to the relevant user in Slack, and have that user confirm whether they actually performed the listed events

  3. Add the user's Slack response to the alert's timeline in Gem

Vendors

Slack, Utils, Gem
