Which applications can I use in my recipe?
Hunters Workflows supports a list of different trigger and action applications. You can find the full list here.
Can I add applications that are not listed?
No, however we would like to get familiar with any missing application and your use case to evaluate adding it or allowing you to access it with an additional cost.
Can I create triggers and actions?
No, you can not create additional triggers, you may use the OOTB available triggers. If you are missing a trigger please open an FR with the information regarding the missing trigger and use case for Hunters to evaluate it. If you are missing an action for a specific supported application, you may use the Custom Action, and or file an FR for the additional action and use case for Hunters evaluation.
How can I make sure the recipe is working properly?
For a specific recipe you can check the recipe overview to see if the recipe is Active, and the number of successful jobs.
In addition you can navigate to the recipe’s Jobs tab to see all the jobs, click on each job for additional information
Finally, you can view the status of all recipes in the Monitor page (Workflows -> Monitor), where you can see all the recipes in your account, their status, successful and failed jobs, number of tasks and the latest job.
How can I add more Hunters triggers?
You can not create additional Hunters triggers, you may use the OOTB available triggers. If you are missing a trigger please open an FR with the information regarding the missing trigger and use case for Hunters to evaluate it.
How secure is this solution?
Data passed on to the recipe job is retained on the Hunters Workflows for 30 days. This data is used for insights on the dashboard, troubleshooting, and repeating jobs if required. And is stored in AWS EU Central region data center. The retention period can vary from an hour to up to 30 days.
Important: All data over the retention period is permanently deleted.
The following data is retained:
Trigger event data
Job history (ID, description, status)
Job history details with data input/output for each step
For more information on data security and data retention, see Security and Data Retention.
Are there usage limits?
As a customer, you are entitled to up to 3M tasks per year. Task usage is collectively calculated across recipes and applications within your account. Should you approach 80% of your task quota, Hunters Professional Services and your Customer Success Manager will proactively reach out to you. Additionally, you have the capability to monitor task usage conveniently on the Monitor page under the Workflows section.
Note: Task refers to a unit of work that occurs every time a recipe performs an action that requires compute resources. Every time a recipe invokes an action provided by a connector, it is counted as a task. This includes actions done with all connectors, including Hunters Workflows applications (Hunters, Email, HTTP, Webhooks). For more information, see Tasks.
Other limits and timeouts usually specific to some connectors can be found throughout the documentation. Some applications can also enforce limits and those limitations are not documented here.
Standard recipe steps have a timeout of 90 seconds and jobs have a timeout of 90 minutes.
Jobs with a long actions have a 24-hour timeout. The long action steps may timeout sooner depending on the execution of the long action steps.
Webhook triggers have a rate limit of approximately 6000 requests per minute (~6000 requests/minute).
An account can have up to 100 lookup tables with up to 10 columns and 10,000 records per table.
Note: It may be possible to add more than 10,000 records to a lookup table, but the 10,000 record limit may be enforced in other ways. For example, while exporting lookup table values to a recipe lifecycle management package.The CSV utility connector can parse up to 50,000 rows only in a CSV file.
The Lists utility connector can only create repeat helper lists with a maximum size of 50,000.
Note: The 50,000 limit is common across different connectors.
Is this a SOAR?
Hunters Workflows provides key features of a SOAR solution, it currently allows you to customize and automate orchestration and notification tasks to ensure efficiency within the team, alignment across teams, synchronization of your operational stack, including emails, chat-ops and ITSM solution.
In addition, Hunters Workflows allow for triggering response actions automatically or manually responding to a threat with different response actions like containment, communication, management or enrichment.
Can I use this to trigger containment?
Yes. This allows you to initiate a tailored response based on the lead's attributes and entities.