Response playbooks
Automated threat response
Four default rules cover the most common cloud attack patterns. Encode your own by mapping an asset tag and severity floor to the right action — e.g.critical brute-force @ database → block + alertis a one-click rule with no code change required.
No playbooks yet.
Recent action logs
Persisted record of every dispatched action — confirms execution.
No actions dispatched yet.
Recent threat events
All synthetic events recorded for audit and replay.
No threat events captured yet.