---
title: Security workflows
description: Use workflows to automate security operations, respond to alerts, and manage detection rules at scale in Elastic Security.
url: https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/5950/explore-analyze/workflows/use-cases/security
products:
  - Elastic Cloud Enterprise
  - Elastic Cloud Hosted
  - Elastic Cloud Serverless
  - Elastic Cloud on Kubernetes
  - Elastic Stack
  - Kibana
applies_to:
  - Elastic Cloud Serverless: Preview
  - Elastic Stack: Preview since 9.3
---

# Security workflows
Security teams use workflows for two broad patterns: automating the response to individual alerts, and running operational tasks across large sets of detection rules. This section covers both.
- [Automate security operations](https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/5950/explore-analyze/workflows/use-cases/security/automate-security-operations): Respond to alerts automatically, create and populate cases, route notifications by severity, enrich alerts with external context, and investigate with AI assistance.
- [Manage detection rules at scale](https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/5950/explore-analyze/workflows/use-cases/security/manage-detection-rules): Audit rule health on a schedule, surface and alert on rule errors, report on coverage, and sync rule status to external systems.