Automated Workflows Overview

This is a powerful and intuitive automation framework that allows you to create custom task sequences within the Absolute console.

Automated Workflow processing uses data to trigger actions, including endpoint information like vulnerability state, network location, software installations, processes running, and more.

The 24x7 demands of IT and Security require that solutions be delivered in a variety of manners and times on schedules planned and predictable, constantly guarding, or unforeseen and urgent. Any of these options can target the devices you need by query, group, site, or organizational structure of choice.

Actions are bricks from which you build your complex automated workflows. Add a task action to a Cortex Workflow to perform simple or highly complex functions, and run another task action on the behavior of the previous actions. Multiple outcomes can be configured from a single workflow step, as well as multiple actions lined to a single next step.

You can immediately start using pre-built workflows without having to create custom automation from scratch. The Run Now section provides ready-to-use automation templates to help you quickly address critical system needs. These workflows include a variety of security and patching tasks.

Under Examples you can run the following ready-to-use workflows:

Critical Patch Deployment (No Prompts):

Checks for critical patches → Determines if a reboot is required → If a reboot is needed, it initiates one → If not, the system proceeds with patch deployment.

Deploys patches for all installed third-party applications.

Patch All 3rd Party Application:

Deploys patches for all installed third-party applications.

Patch All Vulnerabilities(CVSS) with Prompts:

Checks if disk space is below 10% and performs a cleanup → If cleanup is successful, notifies the end user about the patching process → Implements a pre-deployment prompt for user approval → Deploys all patches with a CVSS score above "NA" (i.e., all rated vulnerabilities) → Rechecks for a required reboot and, if necessary, prompts the user before restarting.

Patch Deploy All with Prompts:

Deploys all available patches (including OS and third-party). Prompts the user throughout the process for approvals and reboots, if required.

Scan All:

Scans all devices to identify missing patches → Provides prompts before applying updates → Ensures a user-approved patch deployment process.

Additionally, the Run Now section includes different categories of workflows designed to address various system and security needs. These categories may include:

Health Monitoring
- Tracks system performance metrics such as:
  - CPU Usage – Monitors current CPU load across devices.
  - Free Disk Space – Checks available disk space to ensure sufficient storage.
  - RAM Usage – Evaluates memory consumption on devices.
Security Checks
- Provides workflows to verify security settings, such as:
  - Ensuring BitLocker is enabled.
  - Checking if the Firewall is active.
  - Identifying unpatched vulnerabilities.
Software Management
- Automates application updates and patch deployment.
- Identifies outdated or unapproved software.
System Maintenance
- Automates routine maintenance tasks such as:
  - Disk cleanup to free up storage.
  - Restarting services or initiating a device reboot.
  - Checking for required system updates.

The overview of the toolbar for existing Cortex workflows is available from the dashboard.

Run Now

Click 'Run Now' from within a ready Workflows list.

After clicking 'Run now' a 'Select Devices' option will appear.

Select a single or multiple devices to run the job on > click 'Run Now'.

Edit

Modify an existing Automated Workflow.

Publish Policy

Publish the Cortex Workflow as a policy. This will open the Policy builder window.

You can add a name and description of the policy, select a recurrence trigger, configure the blackout hours options and select the devices on which the policy will be running.