Strobes Automation allows users to set up automated workflows to analyze vulnerability data and streamline the triage process. A key component of this is configuring Actions, which define what the system should do when certain conditions are met. This article will guide you through the process of setting up Actions in Strobes Automation.
1. Accessing the Actions Configuration
To begin, navigate to the Automation section in Strobes. Select "Strobes Action" as your tool when creating a new automation. You'll see a multi-step configuration process, with Actions being the final step.
2. Understanding the Purpose of Actions
Actions determine what the automation will do when triggered. They are executed after the specified hooks have been triggered and any filter conditions have been met. Actions can include tasks like updating asset exposure, modifying business sensitivity, or applying tags.
3. Selecting Appropriate Actions
In the Actions section (Step 4/4 of the configuration process), you'll see a list of available actions categorized by module (e.g., Assets). Common actions include:
- Asset Exposure: Adjust the exposure level of an asset
- Business Sensitivity: Update the business sensitivity rating
- Tags: Add or remove tags from assets or findings
Select the checkboxes next to the actions you want to include in your automation.
4. Configuring Action Parameters
After selecting an action, you may need to provide additional parameters. For example, if you choose to update asset exposure, you'll need to specify the new exposure level. These parameters allow you to fine-tune how the action is performed.
5. Adding Multiple Actions
Strobes allows you to configure multiple actions for a single automation. This is useful for creating complex workflows. For instance, you might update an asset's exposure and add a tag in the same automation.
6. Testing and Refining
After setting up your actions, it's crucial to test the automation to ensure it behaves as expected. Use the preview or dry-run features if available to verify the actions without affecting live data.
7. Finalizing the Configuration
Once you're satisfied with your action setup, click "Continue" to complete the automation configuration. Review all settings one last time before saving and activating the automation.
Remember, the effectiveness of your automation depends on how well you configure each component, including the actions. Regularly review and refine your automation to ensure they continue to meet your evolving security needs.
By following these steps, you can effectively set up actions in Strobes Automation, creating powerful workflows to enhance your vulnerability management process.
Comments
Article is closed for comments.