

In this blog, we will examine how to send basic notifications in Slack to a single channel, then we’ll examine how to interact with our Chatbot from within Slack, and lastly, we’ll learn how to send proactive notifications to individual Slack users. As mentioned in Part 1, the idea of Chatbots for security and IT teams is not new – security teams in Slack, Netflix and Dropbox, among others, have created open-source Slack Chatbots for alerting purposes and for indicator enrichment.

Creating your own Chatbot which fits your own internal processes allows you to be more flexible in your tool and process choice, and keeps your information private; however, you should check out their blogs for useful ideas!

The first step to setting up your Chatbot in Slack is to create an OAuth application here –.

You’ll need to be an admin on your workspace, or be working with an admin, in order to do this.

When you follow the link, you should be presented with a page like this.

Incoming Webhooks – post messages from Tines directly to a channel (e.g.
Use this to send Prompt messages to a specific channel where the channel details will not change, e.g.
  Post information details of new high priority incidents into an InfoSec channel or IT channel
  Post alerts for incidents close to SLA limits
  Inform teams of new servers deployed or new vulnerabilities found

Interactive Components – creates shortcuts to specific actions with right-click actions on messages

Slash Commands – allow a user to interact with Tines through specific, user-defined commands, e.g.
  searchdomain – search for traffic to a domain in logs
  lookupdomain – look up a domain’s reputation
  lookupuser – find user profile information in Active Directory
  quarantinedevice – quarantine a device proactively
