Security Operations Integration - Block Request workflow The Security Operations Integration - Block Request workflow is a high-level workflow independent of integrations. It blocks observables associated with a security incident. Use it to fulfill an integration such as Palo Alto Networks - Firewall. Before you beginRole required: sn_si.analyst About this task The Security Operations Integration - Block Request workflow can be triggered on an observable form, or from the Security Incident Observables related list on a security incident. On a list, it is in the drop-down action menu. On a form, it is a related link. Blocking a request is available only when you have an implementation installed for the block request capability. Workflow process activities include: Execution Tracking - Begin activityThe Execution Tracking - Begin workflow activity starts the auditing process for a Security Operations Integration workflow that operates on observables. Filter Whitelisted Observables activityThe Filtered Whitelisted Observables workflow activity removes observables that can be ignored from the list of observables. This activity can accelerate the investigation and remediation process.Capability Execution Tracking - Complete activityThe Capability Execution Tracking - Complete workflow activity updates the audit record when the workflow is complete.