: Send Security Alerts to Nuvolo
Focus
Focus

Send Security Alerts to Nuvolo

Table of Contents

Send Security Alerts to Nuvolo

Manually send Security alerts from
IoT Security
through
Cortex XSOAR
to Nuvolo to make work orders.
From the
IoT Security
portal, you can send a security alert to Nuvolo either by selecting the check box of an alert on the Alerts > Security Alerts page or from the
Alerts
Security Alerts
>
alert_name
page. Before forwarding the alert to Nuvolo,
Cortex XSOAR
converts it into a security incident, which Nuvolo receives in its Security Queue. From there, a Nuvolo user can create a work order for a network security analyst to investigate.
  1. Log in to the
    IoT Security
    portal and send a Security alert to Nuvolo.
    1. Click
      Alerts
      Security Alerts
      , select the check box of the alert you want to send as an incident to Nuvolo, and then click
      More
      Send to
      Nuvolo
      .
      Or
      Click
      Alerts
      Security Alerts
      , click the name of a Security alert, click
      Action
      Nuvolo
      .
      The Send to Nuvolo panel appears.
    2. Enter a priority number using the priority numbering system in Nuvolo and add a comment.
      After you’ve configured these three required settings, the Send button changes from gray to blue, indicating that you can proceed.
    3. Send
      the alert to Nuvolo.
      After you click
      Send
      , a link appears. When you click it, a new browser window opens to the XSOAR playbook for this action.
    4. To confirm that the work order was sent, click the link to the XSOAR playbook for this action.
      For the link in
      IoT Security
      to open the corresponding playbook in
      Cortex XSOAR
      , you must already be logged in to your XSOAR instance before clicking it.
      The green boxes in the playbook indicate that a particular step was successfully performed. Following the path through the playbook gives you feedback about whether an action was carried out successfully or, if not, where the process changed course.
      Also the action “Sent to Nuvolo” appears in the Last Action column on the Alerts page in the
      IoT Security
      portal. If you don’t see this column, click the Columns icon ( ) and select
      Last Action
      .
  2. Log in to Nuvolo and check the Security Queue for receiving security incidents from
    IoT Security
    .

Recommended For You