CTDR provides various process components that you can freely configure to implement automated security processing solutions. These include system components, basic orchestration components, security handling components, and more.
Component type | Component name | Description |
System component | Start | The flow start node, which can define the playbook trigger method. Note A playbook flow can have only one start node. |
End | The flow end node. Note A playbook flow can have multiple end nodes. | |
Single output | If there are multiple branches, only the first branch that meets the condition is executed. | |
Multiple outputs | If there are multiple branches, all branches that meet the conditions are executed. | |
Multiple convergence | Waits until all branches are completed before continuing execution. | |
Child flow | A child flow also requires start and end nodes. It can group complex flows for display, making the flow clearer and easier to understand, and supports loop execution of child flows. | |
Basic orchestration component | Data formatting component. | |
Child playbook operation configuration component, including obtaining child playbook outputs and invoking child playbooks. | ||
Alert operations, query sub-account information. | ||
Log operation component. | ||
Message notification component. | ||
Data filtering component. | ||
Executes python scripts. | ||
Calls Alibaba Cloud OpenAPI. | ||
The timer. | ||
Threat intelligence query. | ||
Obtains domain names. | ||
Calls AWS interfaces. | ||
Calls Tencent Cloud interfaces. | ||
Calls Chaitin interfaces. | ||
Calls Huawei Cloud interfaces. | ||
Calls Azure interfaces. |