Which applications can I use in my recipe?
Hunters Workflows supports a list of different trigger and action applications. You can find the full list here.
Can I add applications that are not listed?
Although you can’t add a custom application to use in Workflows, you can use the HTTP connector to add any unsupported application that has an accessible API.
Can I create triggers and actions?
No, you can not create additional triggers, you may use the OOTB available triggers. If you are missing a trigger, please open a Feature Request with the information regarding the missing trigger and use case for Hunters to evaluate it. If you are missing an action for a specific supported application, you may use the Custom Action, and or file an FR for the additional action and use case for Hunters evaluation.
How can I make sure the recipe is working properly?
For a specific recipe, you can check the recipe overview to see if the recipe is Active and the number of successful jobs.
In addition, you can navigate to the recipe’s Jobs tab to see all the jobs, and click on each job for additional information.
Finally, you can view the status of all recipes in the Monitor page (Workflows -> Monitor), where you can see all the recipes in your account, their status, successful and failed jobs, number of tasks, and the latest job.
How secure is this solution?
Data passed on to the recipe job is retained on the Hunters Workflows for 30 days. This data is used for insights on the dashboard, troubleshooting, and repeating jobs if required. It is stored in the AWS EU Central region data center. The retention period can vary from an hour to up to 30 days.
Important: All data over the retention period is permanently deleted.
The following data is retained:
Trigger event data
Job history (ID, description, status)
Job history details with data input/output for each step
For more information on data security and data retention, see Security and Data Retention.
Are there usage limits?
As a customer, you are entitled to up to 3M tasks per year. Task usage is collectively calculated across recipes and applications within your account. Should you approach 80% of your task quota, Hunters Professional Services and your Customer Success Manager will proactively reach out to you. Additionally, you can conveniently monitor task usage on the Monitor page, located under the Workflows section.
Note: Task refers to a unit of work that occurs every time a recipe performs an action that requires compute resources. Every time a recipe invokes an action provided by a connector, it is counted as a task. This includes actions done with all connectors, including Hunters Workflows applications (Hunters, Email, HTTP, Webhooks). For more information, see Tasks.
Other limits and timeouts, which are usually specific to certain connectors, can be found throughout the documentation. Some applications can also enforce limits, and those limitations are not documented here.
Standard recipe steps have a timeout of 90 seconds, and jobs have a timeout of 90 minutes.
Jobs with long actions have a 24-hour timeout. The long action steps may timeout sooner depending on the execution of the long action steps.
Webhook triggers have a rate limit of approximately 6000 requests per minute (~6000 requests/minute).
An account can have up to 100 lookup tables with up to 10 columns and 10,000 records per table.
Note: It is possible to add more than 10,000 records to a lookup table; however, the 10,000 record limit may be enforced in other ways. For example, while exporting lookup table values to a recipe lifecycle management package.The CSV utility connector can parse up to 50,000 rows only in a CSV file.
The Lists utility connector can only create repeat helper lists with a maximum size of 50,000.
Note: The 50,000 limit is common across different connectors.
Is this a SOAR?
Hunters Workflows provides key features of a SOAR solution, it currently allows you to customize and automate orchestration and notification tasks to ensure efficiency within the team, alignment across teams, synchronization of your operational stack, including emails, chat-ops and ITSM solution.
In addition, Hunters Workflows allow for automatically or manually triggering response actions in response to a threat, including containment, communication, management, or enrichment.
Can I integrate with other SOAR solutions?
Yes, you can integrate with other SOAR solutions, like Tork or Tines, using the HTTP connector and the vendor’s API.
Can I use this to trigger containment?
Yes. This allows you to initiate a tailored response based on the lead's attributes and entities.