Playbooks & Automation

Define and manage automated security response workflows

Active Playbooks

↑ All running

Executions (24h)

127

↑ +12% from yesterday

Success Rate

97.2%

↑ +0.4% this week

Avg Response Time

2m 45s

↓ 15s faster

4 Active

1 Paused

Phishing Response Playbook

Active

Email Security

Automated workflow to investigate and contain phishing attempts

Trigger:

Phishing alert detected

Actions:

Quarantine email

Block sender

Notify user

Create incident

Last Triggered

12 minutes ago

Executions

234

Success Rate

98.7%

Avg Duration

2m 15s

Account Compromise Playbook

Active

Identity

Responds to suspicious account activity and compromises

Trigger:

Multiple failed logins + unusual location

Actions:

Lock account

Reset password

Force MFA

Notify security team

Last Triggered

45 minutes ago

Executions

Success Rate

96.6%

Avg Duration

1m 45s

Insider Threat Playbook

Active

Behavioral

Monitors and responds to potential insider threat indicators

Trigger:

Unusual data access patterns

Actions:

Alert manager

Audit access logs

Restrict permissions

Start investigation

Last Triggered

3 hours ago

Executions

Success Rate

100%

Avg Duration

5m 30s

Data Exfiltration Response

Active

Data Loss

Prevents and investigates unauthorized data transfers

Trigger:

Large file upload to personal cloud

Actions:

Block transfer

Alert security

Capture evidence

Review recent activity

Last Triggered

6 hours ago

Executions

Success Rate

95.6%

Avg Duration

3m 10s

Shadow IT Discovery Response

Paused

Application Security

Auto-approved

Identifies and manages unauthorized applications

Trigger:

Unapproved SaaS detected

Actions:

Catalog application

Assess risk

Notify user

Recommend alternatives

Last Triggered

2 days ago

Executions

167

Success Rate

92.2%

Avg Duration

4m 25s

Playbooks & Automation

Define and manage automated security response workflows

Active Playbooks

↑ All running

Executions (24h)

127

↑ +12% from yesterday

Success Rate

97.2%

↑ +0.4% this week

Avg Response Time

2m 45s

↓ 15s faster

4 Active

1 Paused

Phishing Response Playbook

Active

Email Security

Automated workflow to investigate and contain phishing attempts

Trigger:

Phishing alert detected

Actions:

Quarantine email

Block sender

Notify user

Create incident

Last Triggered

12 minutes ago

Executions

234

Success Rate

98.7%

Avg Duration

2m 15s

Account Compromise Playbook

Active

Identity

Responds to suspicious account activity and compromises

Trigger:

Multiple failed logins + unusual location

Actions:

Lock account

Reset password

Force MFA

Notify security team

Last Triggered

45 minutes ago

Executions

Success Rate

96.6%

Avg Duration

1m 45s

Insider Threat Playbook

Active

Behavioral

Monitors and responds to potential insider threat indicators

Trigger:

Unusual data access patterns

Actions:

Alert manager

Audit access logs

Restrict permissions

Start investigation

Last Triggered

3 hours ago

Executions

Success Rate

100%

Avg Duration

5m 30s

Data Exfiltration Response

Active

Data Loss

Prevents and investigates unauthorized data transfers

Trigger:

Large file upload to personal cloud

Actions:

Block transfer

Alert security

Capture evidence

Review recent activity

Last Triggered

6 hours ago

Executions

Success Rate

95.6%

Avg Duration

3m 10s

Shadow IT Discovery Response

Paused

Application Security

Auto-approved

Identifies and manages unauthorized applications

Trigger:

Unapproved SaaS detected

Actions:

Catalog application

Assess risk

Notify user

Recommend alternatives

Last Triggered

2 days ago

Executions

167

Success Rate

92.2%

Avg Duration

4m 25s