Docs
HomeGitHubSign Up

Workflows

Suggest Edits

Overview

Automated Security Workflows is a feature of the ARMO platform that integrates security alerts with Jira, Slack, and Microsoft Teams. This integration streamlines the management and response to security risks within Kubernetes environments.


Key Features

  • Intelligent Jira Integration: Automatically generate detailed Jira tickets that include risk information, severity, and recommended remediation steps.

  • Smart Slack and Teams Alerts: Send immediate notifications to designated Slack channels or Teams teams, summarizing the risk and linking to the Jira ticket.

  • Flexible Workflow Configuration: Set up custom automation rules based on criteria such as risk type and severity.

  • User-Friendly Setup: Easily connect Jira, Slack, and Teams accounts through an intuitive integration settings interface.

Benefits

  • Efficiency: Automates ticket creation and alert distribution, saving time and reducing manual effort.
  • Consistency: Ensures standardized responses to security risks, minimizing human error.
  • Rapid Response: Facilitates swift action on potential threats through instant notifications and ticket creation.
  • Focus on Complex Issues: Allows security teams to concentrate on analyzing and resolving complex issues by automating routine tasks.

Getting Started

Follow these steps to configure and activate the feature:

Step 1 - Setup integrations

  1. Log into your ARMO Platform account.

  2. Navigate to the Integrations section in the settings menu.

  3. Connect your Jira, Slack, and/or Microsoft Teams accounts by following the instructions.


Step 2 - Creating your first Workflow

  1. Navigate to the Workflows section in the left-hand menu.

  2. Click Add Workflow to create a new workflow.

  3. Define the following for the workflow:

    • Name: Provide a meaningful name.

    • Scope: Select the cluster(s) and namespace(s) where the workflow applies.

    • Conditions: Specify conditions like severity, exploitability, and more.

    • Actions: Choose actions such as sending alerts to Slack, Teams, or creating Jira tickets.

  4. Click Save to activate the workflow.

Conclusion

Automated Security Workflows enhance the ARMO platform by bridging the gap between detection and action, empowering teams to maintain a more secure and efficient Kubernetes environment.

Updated 10 months ago