
Ransomware Alerts to SecureX

Workflow #0043

This workflow was developed and is supported by Cohesity

This workflow pushes Cohesity Helios ransomware alerts to SecureX Threat Response incidents with matching sightings.

GitHub


Change Log

Date Notes
Sep 24, 2021 - Initial release

See the Important Notes page for more information about updating workflows


Requirements

  • The following system atomics are used by this workflow:
    • None
  • The following atomic actions must be imported before you can import this workflow:
    • None
  • Cohesity Helios

Workflow Steps

  1. Execute a Python script to fetch alerts from Cohesity and create corresponding incidents in SecureX

Configuration

  • Set the Helios API Key local variable to your Cohesity Helios API key
  • Set the SecureX API Client ID and SecureX API Secret local variables to your API client’s ID and secret (more information)
  • Set the Number of Hours local variable to how many hours back the workflow should start fetching alerts from
  • If you want the workflow to run automatically on a schedule, enable the Cohesity Ransomware Alerts trigger in the workflow’s properties