Ransomware Alerts to SecureX
Workflow #0043
This workflow was developed and is supported by Cohesity
This workflow pushes Cohesity Helios ransomware alerts to SecureX Threat Response incidents with matching sightings.
Change Log
Date | Notes |
---|---|
Sep 24, 2021 | - Initial release |
See the Important Notes page for more information about updating workflows
Requirements
- The following system atomics are used by this workflow:
- None
- The following atomic actions must be imported before you can import this workflow:
- None
- Cohesity Helios
Workflow Steps
- Execute a Python script to fetch alerts from Cohesity and create corresponding incidents in SecureX
Configuration
- Set the
Helios API Key
local variable to your Cohesity Helios API key - Set the
SecureX API Client ID
andSecureX API Secret
local variables to your API client’s ID and secret (more information) - Set the
Number of Hours
local variable to the number of hours ago you want to start fetching alerts from - If you want the workflow to run automatically, enable the
Cohesity Ransomware Alerts
trigger in the workflow’s property to enable it to run on a schedule