Slack Alerts & Jira Tickets for Quarantined Malicious Emails
Triggers on Sublime Security alerts to notify Slack users of quarantined emails and auto-creates Jira tickets if opened, streamlining incident response.
This n8n workflow automates security incident response for emails flagged by Sublime Security. It starts with a Webhook trigger receiving POST alerts from Sublime, followed by an HTTP Request to fetch detailed message info using the messageId. The flow then branches into two parallel paths: one looks up the recipient in Slack by email and sends a notification with email subject, sender, and quarantine details; the other checks the 'read_at' timestamp to detect if the email was opened.
If opened
Platform
n8n
Category
Health & Fitness
Price
$19.99
Creator
Matt Buds
security
slack
jira
email-quarantine
sublime-security
incident-response
phishing
automation
notification
it-ops
How to import this workflow into n8n
1Purchase or download the workflow to get the n8n workflow JSON file.
2In your n8n instance, open Workflows and choose "Import from File" (or paste the JSON with Ctrl+V on the canvas).
3Open each node marked with a credential warning and connect your own accounts and API keys.
4Run the workflow once manually to verify the data flow, then toggle it to Active.