Set up Security Incident Response Orchestration

In order to use activites within workflows you must first set up Security Incident Response Orchestration.

Before you begin

You need a fully populated CMDB with domain names to use Security Incident Response. For more information, see Discovery.

Role required: admin

About this task

Prior to using Security Incident Response Orchestration, perform steps to set up various parts of the system, including populating the CMDB, configuring the MID Server, and configuring credentials.

Procedure

  1. Activate the Security Incident Response plugin.
  2. Configure the mid-server.
  3. Configure credentials.
    You are now ready to use Security Incident Response Orchestration activities within a workflow.