Automated Slack Notification & Jira Ticket for Quarantined Emails

This n8n workflow alerts users via Slack and creates Jira tickets when Sublime Security triggers a quarantine alert. The workflow listens for security alerts through a webhook, fetches detailed information about the flagged email via API requests, and tries to identify the recipient’s Slack user by email address. If the email was opened before it was quarantined, a Jira ticket is created for further investigation, which speeds up incident response. Concurrently, the workflow sends a Slack message notifying the user about the quarantined email, with details and instructions for safe handling.

**Step-by-step Workflow:**

1. The workflow is triggered via a webhook by Sublime Security when an email is quarantined.

2. It retrieves detailed message information from the Sublime Security API.

3. It attempts to find the user’s Slack account using their email with a Slack API request.

4. If a Slack user is found, a notification message is sent to inform them about the quarantined email.

5. If the email was opened before quarantine, the workflow creates a Jira ticket containing detailed incident information.

6. If the email was not opened previously, the workflow ends without further action.
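The branching in steps 3 to 6 can be sketched as a standalone JavaScript function, the language of n8n's code node. This is an added example, not the workflow's own code: every field name on the message object, the `readAt`/`quarantinedAt` comparison, and the helper names are assumptions, and the Slack and Jira branches are treated as independent of each other.

```javascript
// Constructed sample; every field name on `message` is an assumption,
// not the Sublime Security API schema.
const sampleMessage = {
  id: "msg-0001",
  subject: "Invoice <!channel> overdue",
  sender: "billing@example.net",
  recipient: "Alice@Example.com",
  readAt: "2024-01-01T10:00:00Z",        // null when never opened
  quarantinedAt: "2024-01-01T10:05:00Z",
};

// Subject and sender are attacker-controlled: escape Slack control characters
// so the text cannot inject mentions or links into the notification.
function escapeSlack(s) {
  return String(s).replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
}

// users.lookupByEmail returns { ok: false, error: "users_not_found" }
// when no account matches; treat that as "no Slack user", not as a failure.
function slackUserId(lookup) {
  return lookup && lookup.ok && lookup.user ? lookup.user.id : null;
}

function openedBeforeQuarantine(msg) {
  const read = Date.parse(msg.readAt), quarantined = Date.parse(msg.quarantinedAt);
  return !Number.isNaN(read) && !Number.isNaN(quarantined) && read < quarantined;
}

// Returns the actions for one alert; the Slack and Jira branches are independent.
function planActions(msg, lookup) {
  const actions = [];
  const userId = slackUserId(lookup);
  if (userId) {
    actions.push({ type: "slack", channel: userId,
      text: `An email from ${escapeSlack(msg.sender)} with subject ` +
            `"${escapeSlack(msg.subject)}" was quarantined.` });
  }
  if (openedBeforeQuarantine(msg)) {
    actions.push({ type: "jira",
      summary: `Quarantined email opened by ${msg.recipient.toLowerCase()}`,
      description: `Message ${msg.id} was read at ${msg.readAt}, before quarantine at ` +
                   `${msg.quarantinedAt}.` + (userId ? "" : " No Slack user found.") });
  }
  return actions;
}
```

A ticket is still planned when the Slack lookup fails, so an opened message is never dropped just because the recipient has no Slack account.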

This workflow is particularly useful in cybersecurity and IT operations to automate incident alerts, improve response times, and ensure clear communication with affected users.

Node Count

11 – 20 Nodes

Nodes Used

code, httpRequest, if, jira, noOp, slack, stickyNote, webhook
