Security Orchestration Process
This topic describes how Security Orchestration works.
- Configuring and Enabling a Workflow: Enables the required built-in workflow of SecMaster.
By default, SecMaster provides workflows such as WAF uncapping, Synchronization of HSS alert status, and Fetching indicator from alert. The initial version (V1) of the workflows has been activated. You only need to enable the workflows and use them in playbooks.
In addition, if you need to edit a workflow, you can copy the initial version for processing.
- Configuring and Enabling a Playbook: Enables the required built-in playbook of SecMaster.
By default, SecMaster provides playbooks such as Fetching indicator from alert, Synchronization of HSS alert status, and Automatic closing of repeated alerts. To use a playbook, you need to enable it.
A playbook supports multiple versions. You need to submit the required playbook version for review before enabling the playbook.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot