Cisco SecureX Integration Workflows
stable
threat response
1. Getting Started
2. Pivot into threat response
3. Queries
4. Refer "Pivot" Actions
5. Response Actions
6. Relay API
Orchestration
1. Getting Started
2. Workflows
3. Logic
4. Events
5. Schedules
6. Import/Export
7. API Documentation
Cisco SecureX Integration Workflows
Docs
»
Cisco SecureX Integration Workflows
Edit on GitHub
Cisco SecureX Integration Workflows
ΒΆ
threat response
1. Getting Started
1.1. Global API Endpoint URLs
1.2. Create API Client in Threat Response UI
1.3. Scopes
1.4. Using API Client Credentials to Get Access Token
1.5. Authentication
1.6. Rate Limits
1.7. API Endpoints
2. Pivot into threat response
2.1. Launch Investigation From URL
2.2. Launch Investigation From a Newly Created Casebook
2.3. Launch Investigation From an Existing Casebook
3. Queries
3.1. Get Verdicts for an Observable
3.2. Contextualize an Observable
4. Refer "Pivot" Actions
4.1. Extract Observables
4.2. Refer Observables
4.3. Use Cases
5. Response Actions
5.1. Extract Observables
5.2. Respond Observable
6. Relay API
6.1. Requirements
6.2. Good Practices When Possible
Orchestration
1. Getting Started
2. Workflows
2.1. Workflows
2.2. Runs
2.3. Targets
2.4. Atomic Actions
3. Logic
3.1. Variables
3.2. Condition Blocks
3.3. For Each Blocks
3.4. While Loop Blocks
3.5. Parallel Blocks
4. Events
4.1. Email Events
5. Schedules
5.1. Calendars
5.2. Schedules
5.3. Adding a Schedule to a Workflow
6. Import/Export
6.1. Exporting to Git
6.2. Importing from Git
6.3. Adding a Git Repository
7. API Documentation