Loading
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            AI Actions for IT Security Management

            You are here:

            1. Salesforce Help
            2. Docs
            3. Agentforce IT Service

            AI Actions for IT Security Management

            Employees can report security incidents, request firewall changes, manage certificates, and initiate security reviews using Agentforce in a channel of their choice, such as the portal, Slack, or Teams. Ensure rapid threat response and streamlined security operations to protect corporate assets.

            Required Editions

            Available in: Lightning Experience
            Available in: Unlimited and Enterprise editions with AI Agent for Employees add-on.

            Agentforce guides employees through reporting phishing attempts and stolen devices, submitting firewall and network configuration requests, and coordinating vendor security assessments for rapid threat response.

            Answer Questions with Knowledge

            Here's how an employee asks a question about IT security policies and threat response procedures by using Agentforce. You can also see the action that's triggered in response to the employee's input.

            Instructions Example Utterance or User Input Agent response Standard Action Engaged
            Ask a question about IT security policies, incident response procedures, or firewall and certificate management so that the agent can search the knowledge base and provide a relevant answer.
            • What is the process for reporting a phishing email?
            • How do I request a firewall rule change for my application?
            • What are the steps to report a stolen corporate device?
            • How do I initiate a vendor security review?
            		 The agent searches the knowledge base and returns a relevant answer based on your question (for example, to report a phishing email, forward the suspicious message to security@company.com and do not click any links or download attachments). If no match is found, the agent offers to raise a ticket or escalate to the support team. Answer Questions with Knowledge

            Get Eligible Service Catalog Items

            Here's how an employee retrieves eligible IT security service catalog items by using Agentforce. You can also see the action that's triggered in response to the employee's input.

            Instructions Example Utterance or User Input Agent response Standard Action Engaged
            Describe the security service or operation you need so that the agent can retrieve the eligible service catalog items that match your request.
            • What IT security catalog items am I eligible for?
            • Show me the available services I can request for security operations.
            • What firewall or certificate services can I request from the catalog?
            • List the security services available for my team.
            		 The agent retrieves a list of eligible service catalog items based on your description and presents the matching results (for example, based on your request, the following service catalog items are available: Firewall Rule Change, SSL Certificate Request, Security Incident Report, and Vendor Security Review). Select an item to proceed with your request. Get Eligible Service Catalog Items

            Execute Service Catalog Item Flow

            Here's how an employee runs an IT security service catalog item flow by using Agentforce. You can also see the action that's triggered in response to the employee's input.

            Instructions Example Utterance or User Input Agent response Standard Action Engaged
            Request an IT security service catalog item so that the agent can initialize the flow using the product ID and guide you through each step until the request is complete.
            • I need to submit a firewall rule change for my application.
            • How do I request an SSL certificate for our new service?
            • I'd like to initiate a vendor security review for a third-party tool.
            • Can I report a security incident through the service catalog?

            The agent initializes the service catalog item flow using the product ID and guides you through a series of steps, collecting the required inputs at each stage (for example, after you select Firewall Rule Change, the agent prompts you to specify the source IP, destination IP, port, protocol, and business justification). The agent continues looping through subsequent steps until the flow is complete or an error is returned.

            Note
            Note This action is designed for catalog items with a manageable, predictable set of configuration options. It is not intended for highly complex product configurations.
            		 Execute Service Catalog Item Flow

            Get Product Launch Card

            Here's how an employee retrieves IT security service process launch details by using Agentforce. You can also see the action that's triggered in response to the employee's input.

            Instructions Example Utterance or User Input Agent response Standard Action Engaged
            Provide the IT security service or operation name so that the agent can retrieve the corresponding process launch details, including the cover image and the intake form link.
            • How do I get started with the firewall change request process?
            • Show me the launch details for the SSL certificate request service.
            • Where can I find the intake form for the security incident report?
            • Get me the product launch card for the vendor security review service.
            		 The agent retrieves the process launch details for the requested IT security service and presents a card with the cover image and a link to the specific intake form (for example, here is the launch card for the Firewall Rule Change process. Click the link to open the intake form and submit your request). Get Product Launch Card

            Create Incident For Employee

            Here's how an employee creates an incident for an unresolved IT security issue by using Agentforce. You can also see the action that's triggered in response to the employee's input.

            Instructions Example Utterance or User Input Agent response Standard Action Engaged
            Describe your IT security issue so that the agent can create an incident on your behalf if the issue cannot be resolved with knowledge articles or if no relevant articles exist.
            • I think my account has been compromised. Please raise a ticket.
            • None of the articles helped with my firewall issue. Can you create an incident for me?
            • I need to log an incident for a suspected malware infection on my device.
            • The suggested articles didn't resolve my certificate expiry issue. Please create an incident.

            The agent creates an incident for the reported IT security issue and provides a confirmation with the ticket number (for example, INC-0055, potential account compromise detected for user@company.com, status: assigned to Security Operations team).

            Note
            Note The agent creates an incident only when the issue cannot be resolved with existing knowledge articles or when no relevant articles are available. If matching knowledge articles are found, the agent presents them first before creating an incident.
            		 Create Incident For Employee
             
            Loading
            Salesforce Help | Article