Hello. My company has recently adopted Google SecOps alongside our current ITSM tool, which we use to conduct case management and handling. We would like to have SecOps automatically create and update cases in our ITSM tool; however, I don’t see any automated functionality to run things at case level.
Could some advice be provided on how to move forward, particularly with the following:
- Have cases created in ITSM when an analyst changes the case state to incident.
- Have new alerts added to our ITSM when alerts are added to cases in SecOps with incidents already raised.
- Have alerts removed from our ITSM when alerts are removed from cases in SecOps with incidents already raised.
I already have actions and integrations for our ITSM that work for these purposes, but I now need a trigger to automate them which I cannot find in SecOps.