Create IoC Lookup Request for IoC Changes workflow

A business rule triggers the Security Incident Response - Create IoC Lookup Request for IoC Changes workflow to run automatically when an IoC is added or changed. Entering new data triggers malware scans and only the new data is scanned.

Before you begin

Role required: sn_si.basic

About this task

If the IoC is empty, the workflow does not run. Historical scans are retained and viewable in the Security Scan Requests tab and work notes of the security incident.

Existing security incidents automatically update.

Workflow process activities include:
Security Incident Response - Create IoC Lookup Request for IoC Changes workflow diagram