Requirements
You will need 3 things in place in order to use Squyre.
You must have an AWS account to host it. It runs solely in AWS using serverless services (Lambda functions and Step Functions). If you don’t have one, don’t be too concerned about signing up - if you’re only running a few test alerts through Squyre, the AWS “Free Tier” should mean the cost is negligible (if not completely free).
You need something that is generating security alerts for you. Well, obviously! Currently, we support Splunk or Opsgenie as alert sources, but we also have experimental support for Sumo Logic. If you don’t use any of these, but your platform supports sending alerts to AWS SNS or a Webhook, raise an issue and we can look at adding support - should be fairly easy!
You need something to capture the steps taken to investigate alerts, like a ticketing system. This is commonly a task management platform like Jira, ServiceNow, etc. We support Jira or Opsgenie as output providers right now.