CyOPs™ 5.0.0 provides you with the ability to convert a BPMN Shareable Workflows to CyOPs™ playbooks. Business Process Model and Notation (BPMN) is a tool using which you can create flowcharts, and these flowcharts tend to be specific towards cybersecurity workflows. Therefore, this feature provides you with the advantage of importing your BPMN workflows and directly converting them into CyOPs™ playbooks, without the need to again create the same workflow in CyOPs™.
Import the BPMN Shareable Workflows into CyOPs™ as follows:
Export your BPMN Shareable Workflows from your tool, such as Flowable or Camunda.
BPMN workflows are exported in the XML format.
To import the BPMN workflows into CyOPs™:
Note: CyOPs™ 5.0.0 supports importing only a single BPMN workflow, i.e., you cannot import a collection of BPMN workflows.
Log into CyOPs™ and click Automation > Playbooks in the left navigation bar.
Click Import BPMN [Beta], which opens the Import BPMN dialog.
Note: In CyOPs™ 5.0.0, we are providing a Beta Version of this feature so that users can get a preview of this feature.
In the Import BPMN dialog, do the following:
From the BPMN Tool drop-down list, select the tool in which you have created your BPMN workflows.
Note: CyOPs™ 5.0.0 supports Flowable and Camunda.
From the BPMN Output Format drop-down list, select the output format in which your want to convert your BPMN workflow.
Note: CyOPs™ 5.0.0 supports only XML as an output format.
Drag
and drop the BPMN XML file, or click the Import icon and browse to the
XML file to import the BPMN XML file into CyOPs™. If the XML of the
BPMN workflow does contain errors, then a warning will be displayed in
the Import BPMN dialog, which will contain the reason why the XML cannot
be imported into CyOPs™. If the XML of the BPMN workflow does not
contain any mismatched elements or any other errors, then you will be
able to import the workflow as a playbook in CyOPs™. To
import the BPMN workflow file, click Import.This imports the workflow
as a playbook in CyOPs™ with the same name as the workflow.
Note: The
name of the playbook and must be unique, i.e., if you have two
workflows with the same name that you want to import, you must either
change the name of the playbook or click the Replace existing playbook
checkbox to replace the existing playbook.CyOPs™ displays the imported workflow in the Playbook Designer as shown in the following image: Now you can edit the playbook as required in the playbook in CyOPs™ and easily create the automated workflow.
The following table specifies which the BPMN workflow steps, Flowable in this case, maps to what CyOPs™ steps in the playbooks:
Flowable (BPMN) step | CyOPs™ steps | Notes |
SequenceFlows | Routes | Any SequenceFlows defined in your BPMN workflow get converted to a Decision step in CyOPs™ playbooks. |
StartEvents | Trigger steps | Your BPMN workflow must mandatory have a “Start” event which is the starting point of the BPMN workflow. The Start event in the BPMN workflow get converted to a Manual Trigger in CyOPs™ playbooks. |
Gateways | Decision Step | Your BPMN workflow must mandatorily have a “Flow Condition” input which must be referenced to the Gateway ID. |
UserTasks | Manual Tasks step | Note: If the <userTask is not created according to CyOPs™ Manual Task step requirements, then a generic manual task step is created in the CyOPs™ playbook instead of failing the playbook. After you import the workflow you can update the manual task step. |
ServiceTasks | Create Record step Or Update Record step | A <serviceTask> in your BPMN workflow must have the following: <br />- A “Class” attribute to validate the model. <br />- The “Class” attribute must be specified as a module <br />- Addition of a “Class field” which contains either Create or Update. |
ScriptTasks | Connector step or as a Code Snippet step | A <scriptTask> in your BPMN workflow must have the following: <br />- Name = {{ConnectorName}} <br />- scriptFormat = {{CyOPs Connector Action}} <br /> - <script> => CDATA[ {{property mapping}} ] <br />Note: If the connector that you have defined in the <scriptTask> step is not installed in your CyOPs™ instance, then a generic connector step is created in the CyOPs™ playbook instead of failing the playbook. After you import the workflow you can update the connector step. |
MailTasks | SMTP step | The mailTask is type of a <serviceTask> and it must be defined in your BPMN workflow as following: <br /><serviceTask> <br />Flowable:type = mail <br /> |
HttpTasks | CyOPs Utility Step (REST API call) | The httpTask is type of a <serviceTask> and it must be defined in your BPMN workflow as following: <br /><serviceTask> <br />Flowable:type = http <br /> |
CyOPs™ 5.0.0 introduces the CyOPs BPMN To CyberSponse Playbooks connector which is used to convert BPMN workflows that are created in tools such as Flowable or Camuda to CyOPs™ playbooks.
This connector is ready to use, and you do not need to configure this connector. For more information on BPMN workflows and how they can be imported and used as CyOPs™ playbooks, see the Importing the BPMN Shareable Workflows as a CyOPs™ Playbooks topic in the Playbooks Overview chapter in the "Playbooks Guide."
Attached are some sample BPMN XML's of workflows created in Flowable.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.