Hello,
I want to created CTR incident in SecureX, Please suggest how can I create?
Below are the requirements:
1. I have created one workflow to fetch offenses from SIEM and I am able to fetched offenses like open, close.
but how can I fetch all live offenses from SIEM?
2. I want to convert offense's output JSON format to table. How can I create workflow?
3. Also I want to check reputation for IP address which are in that offense. how can I create workflow?
4. Then last, I want to Create CTR incident in SecureX.
Please suggest on this.
.