Use Cases
Seven end-to-end scenarios that trace an incident from the first SIEM alert through investigation, automated enrichment, and case closure. Each scenario describes both the analyst’s manual steps and the automated workflow Energy SOAR runs in parallel, making them useful for training new team members or validating your playbook configuration.
The scenarios cover a user-reported phishing email (with embedded URL and attachment scanning), malware detection, unauthorized access investigation, ransomware response, data exfiltration, insider threat, and credential stuffing.