DevHubConnect - Cortex Security Analysis with Claude AI Threat Assessment

This workflow automates security analysis using Cortex and Claude AI (claude-sonnet-4-6), combining Cortex analyzer and responder execution with AI-powered threat interpretation. When an observable is submitted via webhook, Cortex runs the analysis, then Claude interprets the raw findings — classifying threat type, confirming IOCs, generating a risk score (0–100), and producing prioritized recommended actions. Ideal for SOC teams running Cortex who need human-readable AI summaries alongside raw analyzer output. Requires Cortex API credentials and an Anthropic API key (ANTHROPIC_API_KEY).

$6.99

Workflow steps: 17

Integrated apps: webhook, set, if
