Cohesity Security Integration for Microsoft Sentinel

CohesityDev

(1 ratings)

Use this integration to see ransomware incidents in Microsoft Sentinel and remediate them

This is a Cohesity integration for Microsoft Sentinel, Microsoft's cloud-native security information and event management (SIEM) platform. It gives security operators and ITOps the automation and operational simplicity to respond to threats and recover from ransomware incidents from inside Microsoft Sentinel. The key workflows are:

  1. Ransomware alerts from Cohesity Data Cloud and Cohesity Cloud Services into Microsoft Sentinel via RESTful API integration

  2. Automatic Incidents with details of the alerts

  3. Escalate to ITSM tool via pre-built or custom Playbook

  4. Initiate recovery of clean snapshot with no anomalies via pre-built Playbook

  5. Closed-loop integration closes out the alert in Cohesity Data Cloud via a pre-built Playbook
