Raven Action is the automation and workflow orchestration layer within DTACT's Raven platform. It enables security teams to configure, manage, and execute action workflows organized into structured units called "Playbooks." Unlike standalone workflow management tools, Raven Action is designed to integrate natively with the Raven Fusion and Raven Insight layers, forming a cohesive data analysis and response platform. Key capabilities include: - No-code "Action Bricks" that allow users to build and configure workflows without requiring development expertise or dependence on DTACT professional services. - Support for both fully automated actions and human-in-the-loop (HITL) decision points, enabling teams to balance automation with manual oversight where appropriate. - Out-of-the-shelf technical use cases delivered by DTACT, which users can implement, tweak, and extend with their own custom variations. - Free-flow reconfiguration of action workflows at any time without vendor dependency. Supported no-code Action Brick operations include: - Creating triggers for alerts - Inserting additional queries - Sending emails - Enforcing human decisions on action options - Making API calls