About Hunters Workflows

Overview

Hunters Workflows is a module inside the Hunters platform that enhances the SOC platform experience with automation functionality that streamlines SOC teams' workflows, supports informed decisions, and reduces redundant operations. This functionality includes:

  • Orchestration
  • Ticketing & Notifications

Use Hunters Workflows to integrate Hunters with 3rd-party ITSM/SOAR systems:

  • Create automated Workflows that trigger in response to security-related activities.
  • Bi-directional integration: Accurate status of a security case is maintained in both Hunters and the ITSM tool.
  • Real-time Hunters events will be reflected in other systems:
    • New Lead
    • New Alert
    • New Story
    • Lead was Updated
    • Action was taken on Lead/Alert/Story (Status, Assign, Classification)
    • Comment was added

Benefits

  • Reduced Manual Operations: Minimize the need for manual intervention, saving time and reducing the risk of human error.
  • Team Alignment: Both Hunters and the connected app stay in sync, ensuring that all team members are on the same page regarding the status of security incidents.
  • Synchronization of Tools: Keeps various tools synchronized, making it possible to manage security incidents in real time within third-party tools or Hunters interchangeably.

Features

The Features of Hunters Workflows include:

  • Integration Orchestration - Connect and transform data across applications, move data around with high security, and use centralized monitoring and recipe management
  • No-code or Low-code Integration - Build integrations between Hunters and third-party applications using a no-code or low-code platform
  • Pre-built Connectors - Leverage a rich selection of pre-built integrations to speed time-to-value
  • Intuitive User Interface - Intuitive UI with a user-friendly no-code flow builder

How it works

Hunters Workflows, an embedded service from Workato, provides automation capabilities in the form of Recipes that interface with Hunters and 3rd-party applications. Recipes are automated workflows comprised of a trigger (a business event that kicks off the recipe) and one or more actions that are carried out when a trigger event occurs. In each recipe, at least one of the steps (trigger or action) must be a Hunters-related action.

You can choose from a variety of triggers and actions from different applications and based on different logic. This list is specified here.

Recipes run automatically in the background. When they are in a stopped state, they cease to look for trigger events. When a recipe is started again, it picks up all the trigger events that occurred since the recipe was last stopped.

Workflows currently supports the following recipe types:

  • Webhook - design an automated process that will detect and retrieve newly generated Stories, Alerts, or Leads, and will send the information to a specified destination URL.
  • ITSM - design a selection of automated processes bringing information from Hunters to your selected ITSM (Jira, ServiceNow, Zendesk).
  • Email - design an automated process that will send out emails whenever a trigger is pushed.
  • Chat-ops - design an automated process that will send out chat messages whenever a trigger is pushed.