Intel Operations
Notice
This feature is available in Intel Exchange v3.7.5.0 onwards.
With Intel Operations (Cyware Orchestrate), you can centralize threat intelligence from multiple sources and automate the response to security threats and vulnerabilities. Orchestrate helps operationalize threat intelligence by automating collection, enrichment, analysis, and response across your security operations. You can access Intel Operations from the Main Menu.
How does Cyware Orchestrate help you operationalize threat intelligence?
Cyware Orchestrate brings automation and orchestration capabilities to your threat intelligence operations, helping your team respond faster and more efficiently to security incidents. It turns complex threat data into actionable workflows and streamlines your security process.
Orchestrate supports the following key capabilities:
Playbooks: Automate and orchestrate security operation workflows with a manual or fully automated sequence of actions.
Labels: Add labels to events and playbooks to automatically trigger a playbook when the event occurs.
Run Logs: Review playbook execution details to analyze nodes and troubleshoot errors.
Apps: Connect with various security tools and data sources using prebuilt integrations to enrich your workflows.
Trigger Events: Create trigger events and run playbooks by assigning the same label to both the event and the playbook.
Configure Triggers: Configure triggers to automatically run a playbook when an event occurs in Orchestrate or on any external platform.
Orchestrate Webhooks: Use token-based URLs to securely send or receive data from external systems, enabling real-time event-driven automation.
Cyware Agent: Install Cyware Agent to enable organizations with on-premise deployments to access all the Orchestrate features hosted on the cloud.
Usage: Monitor your monthly action executions, view usage trends by playbooks or actions, and manage plan limits and tenant details.
For more information, contact Cyware support.