The Security Incident Play

The Security Incident Play

Let’s say you sell security solutions and want to reach out to companies right when they experience a data breach or cybersecurity event. Timing matters—and with Unify, you can program an AI agent to scan for security incidents across your target accounts and trigger outbound automatically when it detects one.

We’ll be using Unify, the all-in-one outbound automation platform that lets you build plays based on real-time web activity, public signals, and AI insights.

Start by building your AI agent. Go to the Agents tab, click New Agent, and name it something like “Security Incident Tracker. Set the record type to Company and add two questions: “Was there a recent security breach or incident in the news?” and “What was the name of the incident?”—with the second returning a text response that can be dynamically inserted into your messaging.

Test the agent by running it on a well-known company that has had an incident. The agent will search the internet, confirm whether a breach occurred, and return a named result you can reference later in your email copy.

Next, define your persona. For this play, we’re targeting Heads of Security. Use Unify’s Persona Builder to specify relevant titles like Chief Security Officer, Head of Security, and Cybersecurity Program Manager. You can also exclude unrelated roles, like Physical Security, to keep outreach tightly focused.

Now, write your sequence. This should reference the incident directly in the opening line. For example: “Hi [First Name], I saw [Company] was recently affected by [Security Incident Name]. We help security teams respond quickly and close similar gaps…” Use dynamic fields and snippets to personalize at scale.

Let’s bring it all together in a play.

Go to the Plays section, click Create New, and build from scratch. The trigger will be your territory or account list—this kicks off the automation for every company you care about.

Add your AI Agent node and connect the security incident tracker. Mark companies as qualified when the incident flag returns true. This ensures your sequence only reaches those with recent relevant activity.

Next, insert a prospecting node to find up to three decision-makers with your defined Head of Security persona at each qualified company.

Add a loop block so that each prospect is handled individually.

Then, drop in your sequencing block. Route prospects by persona into the appropriate sequence—here, all qualified security leads will enter the “Heads of Security” sequence you wrote earlier, referencing the detected breach.

Lastly, make this play recurring. In your play settings, turn on the ability to rerun on the same record every 30 days. This ensures you’re always catching new incidents as they happen.

And that’s it. You’ve built an outbound play that detects live security events and reaches the right people with exactly the right message—automatically.

This play is perfect for vendors offering breach remediation, incident response tools, or risk assessment services.

If this idea inspired you, don’t forget to like, comment, and subscribe. And if you want help building a similar outbound automation for your team, click the demo link below. Thanks for watching and see you in the next video.