USE CASES

Ampy’s Tracks

Amplifier takes the complexity out of security operations.

At the heart of the platform are Tracks. These ready-to-use automation flows solve real problems with just a few clicks.

Whether you're triaging alerts, reminding users to complete critical tasks, or managing compliance workflows —Ampy helps you respond faster, reduce risk, and keep your organization secure with these top Track playlists.

No code. No clutter.
Just results.

Identity Management

Track 1

MFA Not Enrolled

Tool: Okta, Entra, Google

Trigger Type: API Polling

User Risk Level:  Critical

Automation Complexity:  Easy

Engagement Summary: Ampy prompts users without MFA to enroll, linking to their Okta dashboard and providing instructions on what to do.

Security Value: Reduces exposure from accounts with weak authentication.

Track 2

Weak MFA Factors

Tool: Okta, Entra

Trigger Type: API Polling

User Risk Level:  High

Automation Complexity:  Easy

Engagement Summary: Ampy prompts users with weak MFA factors to upgrade to more secure factors by providing instructions on what to do.

Security Value: Reduces exposure from accounts with weak authentication.

Track 3

Validate Access Needed

Tool: Okta, Entra

Trigger Type: API Polling

User Risk Level:  Medium

Automation Complexity:  Moderate

Engagement Summary: When users are granted access to privileged or production software, Ampy validates that they need access AND that they know their responsibilities of having such access.

Security Value: Helps enforce Least Privilege at a very granular level. Educates users on expectations of having privileged or production access.

Track 4

Triage Password Failures

Tool: Okta

Trigger Type: Webhook

User Risk Level:  Low

Automation Complexity:  Advanced

Engagement Summary: Ampy can validate if a user failed to change a password.

Security Value: This is a potential IOC that happens frequently. Democratize triage of this alert with end users so we identify suspicious activity very quickly.

Track 5

MFA Factors Deactivated

Tool: Okta

Trigger Type: Webhook

User Risk Level:  Low

Automation Complexity:  Advanced

Engagement Summary: Ampy can validate if a user failed to change a password.

Security Value: This is a potential IOC that happens frequently. Democratize triage of this alert with end users so we identify suspicious activity very quickly.

Track 6

Account Lockout Remediation

Tool: Okta

Trigger Type: Webhook

User Risk Level:  Medium

Automation Complexity:  Advanced

Engagement Summary: Ampy notifies users that their Okta account has been locked and triages if lockout was a result of their activity.

Security Value: Provide better experience for users during account lockouts and identify potentially malicious activity.

Track 1

Validate If User has No Device 

Tool: Amplifier DataGraph

Trigger Type: Datagraph Trigger

User Risk Level:  Medium

Automation Complexity:  Easy

Engagement Summary: Ampy does not see a device for a user and needs to validate if their endpoint is accounted for OR if they don’t use a company resource.

Security Value: Ensures that all user assets are accounted for.

Track 2

The Latest OS

Tool: Automox, Defender, JAMF, Kandji

Trigger Type: API Polling

User Risk Level:  Medium

Automation Complexity:  Moderate

Engagement Summary: Ampy notifies users when their OS needs to be upgraded and works with users to find a time that works for everyone

Security Value: Reduce the number of supported OS versions and associated vulnerabilities.

Track 3

Endpoint Protection Missing

Tool: Amplifier, Datagraph

Trigger Type: Datagraph Trigger

User Risk Level:  Critical

Automation Complexity:  Moderate

Engagement Summary: Ampy identifies when a security tool is missing and can run automations to fix issues or create a ticket for a technical team to fix the issue.

Security Value: Ensures that every device has the proper security tools.

Track 4

Security Tools Not Active

Tool: Amplifier Datagraph

Trigger Type: Datagraph Trigger

User Risk Level:  High

Automation Complexity:  Easy

Engagement Summary: Ampy identifies if a device has a security tool that is not checking in or fully operational.

Security Value: It is really

Track 5

Mitigate Vulnerabilities

Tool: CrowdStrike, Cortex EDR, Defender, Rapid7, Qualys, SentinelOne, Tenable

Trigger Type: API Polling

User Risk Level:  High

Automation Complexity:  Moderate

Engagement Summary: Ampy notifies users about CVEs affecting their devices, with patch instructions.

Security Value: Targets critical vulnerabilities with direct user action.

Track 6

Unmanaged Endpoints

Tool: Okta, Entra, Data Graph

Trigger Type: Polling + Datagraph

User Risk Level:  High

Automation Complexity:  Moderate

Engagement Summary: Warns users of unmanaged or unregistered devices seen on network logging into company applications.

Security Value: Detects rogue devices and shadow IT.

Track 7

Stale Device

Tool: Amplifier Datagraph

Trigger Type: Datagraph Trigger

User Risk Level:  Medium

Automation Complexity:  Advanced

Engagement Summary: Triages if the user still has possession or planning on using an old device that has not checked in.

Security Value: Helps security and IT detect devices that have not been used for a set time period and remove them from the fleet if needed.

Track 8

 Firewall or ScreenSaver Disabled

Tool: Defender, Jamf

Trigger Type: Polling (Jamf Device API)

User Risk Level:  Medium

Automation Complexity:  Easy

Engagement Summary: Ampy reminds users to connect and reboot their device for updates.

Security Value: Prevents devices from falling out of compliance.

Device & Application Management