TheHive-Project / TheHive

TheHive: a Scalable, Open Source and Free Security Incident Response Platform
https://thehive-project.org
GNU Affero General Public License v3.0

Task visualization #1021

Open Dominator-3000 opened 5 years ago

Dominator-3000 commented 5 years ago

Request Type

Feature Request

Problem Description

Creating response procedures in tasks is not always convenient, especially if you need to describe a large number of variations of scenarios.

Possible Solutions

It makes sense to consider the possibility of adding new functionality for building visual-functional response schemes. This would also allow the analyzers to be tied to specific stages of response, which would be very convenient.

Something like https://github.com/nsacyber/WALKOFF with the workflow builder. I hope you understand what I mean.

veeral-patel commented 5 years ago

Hi @Dominator-3000 -- would the visualization be used for automation (like a visual playbook editor) or just to visualize the incident?

Dominator-3000 commented 4 years ago

Hi @veeral-patel

I apologize for the late answer.

"visual-functional response schemes" - I mean flowcharts with scenario automation elements. Something like playbook visualisation in Siemplify SOAR (https://www.siemplify.co/#) or R-Vision IRP (https://rvision.pro/irp/). In them you can easily and conveniently create, describe, modify and automate workflows with many conditions. Also, flowcharts are "easy to read".

We tested these solutions and we really liked this functionality.

Much more convenient than describing a linear, step-by-step response process without a transparent ability to add variability.