Attacker Behavior Analytics (ABA) Rules represent an ever-growing list of rules in InsightIDR, and currently, InsightCONNECT workflow triggers only work with User Behavior Analytics (UBA) and Custom Alerts…until now!
Through this Early Access, customers can now build ABA workflows in InsightCONNECT via a new ABA trigger and associate them to detection rule(s) in InsightCONNECT or associate the detection rule to workflow(s) in InsightIDR. This enables you to approach automation from either the workflow first - InsightCONNECT or detection rule first - InsightIDR. Once a workflow is associated with a detection rule, the workflow will run when a detection is made.
If you would like to be a part of this Early Access program, please reach out to your Rapid7 point of contact, or add a comment to this post and we can reach out independently!