Light

shuffle / workflows Goto Github PK

View Code? Open in Web Editor NEW

19.0 4.0 19.0 951 KB

Workflows for Shuffle

Home Page: https://shuffler.io/search?tab=workflows

License: MIT License

playbooks shuffle usecases workflows

workflows's Introduction

Shuffle Workflows

These are workflows meant for Shuffle. After Shuffle 0.9.0, these are automatically searchable from within Shuffle itself. The goal is to start covering most common automation use-cases before creating niches for your needs.

How to use them

These workflows can be imported and exported to and from Shuffle. Feel free to upload any workflow here you'd like to share with the community. They are not necessarily production ready yet, as most workflows have to be changed to fit other environments, but there are similarities

Structure

We have a certain structure that is being defined. Most workflows will fit into three categories:

Prepare: Actions ran automatically to move and/or enrich data.
Response: Actions to be used to solve or further handle an incident.
Testing: Used for testing. Checks if each part of the Shuffle ecosystem works or not.

Categories

Each Workflow should long-term be fitted with one or multiple of these categories. These are currently split into eight (8), but may change over time as use-cases change or better options are found.

Support

Related repositories

Shuffle: https://github.com/frikky/shuffle
Apps: https://github.com/frikky/shuffle-apps
Security OpenAPI apps: https://github.com/frikky/security-openapis
Documentation: https://github.com/frikky/shuffle-docs

License

All modular information related to Shuffle is under MIT (anyone can use it for whatever purpose).

workflows's People

Contributors

Stargazers

Watchers

Forkers

lzhz2012 arintriyanto wanhl1990 ng-isa emp4556 grit-elysianblue cybertrust1 oliviergtelia gaurav-m92 hecg119 00willo essole ekmixon marsidi davidthegoliath laudarch ibit-tech gzmaster scmdr

workflows's Issues

Fix Elasticsearch -> Jira usecase

Validate all top 10 Templates if they actually work

https://docs.google.com/spreadsheets/d/1-nHOAtAq-5pqaSwjlAmSvG4LxoazCxZViYkf10jnPFA/edit#gid=1821416964

Fix IRIS subflow template

What

Plan out Workflows and sharable use-cases

What playbooks do we need?
What do ideal playbooks look like?
How do we standardize them?

This is an issue to handle what we talked about here: https://ptb.discord.com/channels/747075026288902237/747813673577218063/882751891719733268

It has to do with planning out Workflows to create and release in the future, and I'd love some.

Use-cases to be made

Below is a bunch of use-cases that can be made with products of all sorts. These aren't properly categorized or standardized yet, but this is the humble beginning. If you can fix any of these issues (or others too) with your own products, please create pull requests / tell us how we can work together creating them.

General	Active Directory	Firewalls	Proxies web	SIEM	SOAR	Mail	EDR (/AV?)	AV	MDM/MAM***	DNS	Ticketing platform	TIP	Communication	DDOS protection	VMS
Search	Block user	Block IP	Block URL	Investigations	Workflow execute	Block sender domain	Block hash	Search signatures	Conditional Access - Restrict Access	Block domain	Open ticket	IOC Lookup	Send mail		Search CVE
Feeders	Reset password	Search IP	Block domain		App search	Block sender address	Delete file	Enable / disable	Conditional Access - block access	Search domain	Update ticket	IOC Enrichment	Send instant message		Start scan
	Reset token					Delete mail	Quarantine	Run scan	Selective wipe of org. data		Comment ticket (if not an update)		Send SMS		Stop scan
							Investigations						Autodialer
							Restrict app execution (MS DSC*)
							Isolate device (CB Response & MS DSC)
							Hunt for related events** (MS DSC)
							Manage tags (MS DSC)
							Run antivirus scan (MS DSC)
							Collect investigation package(MS DSC)
							Initiate Live Response Session(MS DSC & CB Response)
							Initiate automated investigation(MS DSC)
							Consult a threat expert(MS DSC)

Environments Shuffle and Cloud are visible when creating workflows

When creating a workflow and double clicking on an app, under the environment drop down, options for both Shuffle and Cloud are visible.

Steps to reproduce (Testing in Chrome browser):

Create a new workflow
Drag and drop a Test app
Double click on it to modify options
Select the environment drop down
Shuffle and Cloud options are visibile.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.