11.0.18
Yokohama, Xanadu, Washington DC, Vancouver
The Secureworks CTP ticketing system is an application that supports the servicing needs of the Secureworks Managed Security Services (MSS) organizations. The Secureworks CTP ticket ingestion integration allows you to retrieve Secureworks CTP tickets automatically, convert them into security incidents, and enable automated response actions.
This integration includes the following key features:
- Discovery of Secureworks CTP tickets that are candidates for security incidents, and automated creation of security incidents from them.
- Mapping of ticket and event fields to security incident fields.
- Aggregation of similar tickets to existing open security incidents instead of creating duplicate security incidents.
- Validation of your mapping with a preview of the ticket field values in a security incident.
- Automatic ticket status update for SIR incident creation and closure.
- Scheduled ingestions of tickets to create security incidents periodically.
- Retrieval of recent events associated with a ticket.
- Periodic tracking of key updates to tickets.
- Updating major tickets.
- Synchronization of Secureworks work logs with security incident work notes.
- The new UI dependency is removed.
Installation sequence:
- Install the Event and Alert Ingestion for Security Operations (com.snc.secops.event_ingestion) plugin, which depends on the Security Incident Response app and on the com.glide.hub.integration.runtime and com.glide.hub.action_step.rest plugins.
- Install the Security Incident Response UI (sn_app_secops_ui) app.