Security Operations - Get Running Processes workflow The Security Operations - Get Running Processes workflow is a high-level workflow independent of integrations. It retrieves a list of running processes on a configuration item (CI) from a host. Use it to fulfill an integration, such as Carbon Black, or for a Windows-based security incident. Before you beginRole required: sn_si.analyst About this task Workflow process activities include: Capability - Determine CIs activity Execution Tracking - Begin (CIs) activity Get Supported Security Capabilities activity Capability Execution Tracking - No Impls activity Parallel Flow Launcher - returns search results in an array. Capability Execution Tracking - Complete activity Capability - Determine CIs activityThe Capability - Determine CIs workflow activity determines which configuration items (CIs) to include in the workflow. Execution Tracking - Begin (Observables) activityThe Execution Tracking - Begin (Observables) workflow activity starts the auditing process for a Security Operations Integration workflow that operates on observables. Get Supported Security Capabilities activityThe Get Supported Capabilities workflow activity retrieves the name and number of integrations that are active and support the requested capability.