Video: https://www.youtube.com/watch?v=SJjR-2ATRugDocumentation Index
Fetch the complete documentation index at: https://docs.socfortress.co/llms.txt
Use this file to discover all available pages before exploring further.
Goal
Run endpoint response actions (collection/containment) from CoPilot and verify outcomes.When to use
- During active incident response
- For repeatable evidence collection workflows
Prereqs
- Response/action capability is configured and tested
Procedure (high level)
- Select the action
- Target the correct endpoint
- Execute and monitor completion
- Review results and document in a case
Validation
- Action completed successfully
- Evidence/results captured and accessible