1. Home
  2. /InfoSec & Cyber
  3. /Hands-on Labs
  4. /Zapier Automation Lab
Feeling StupidKeyboard Layout

Lab: Introduction to Zapier Automation

Build your first automated workflow (Zap) that connects Google Forms to email notifications — no coding required.

Lab Objectives

  • Create a free Zapier account and navigate the dashboard.
  • Understand Zapier terminology: Zaps, Triggers, Actions, and Filters.
  • Build a Zap that sends an email notification when a Google Form is submitted.
  • Test the Zap and verify it runs successfully.
  • Explore multi-step Zaps and conditional logic.

Prerequisites

  • A web browser (Chrome, Firefox, or Edge).
  • A Google account (for Google Forms and Gmail).
  • An email address for testing notifications.

Part 1: Zapier Terminology

Before building, understand the key concepts:

TermDefinition
ZapAn automated workflow connecting two or more apps. Each Zap has a trigger and one or more actions.
TriggerThe event that starts a Zap. Example: "New form submission" or "New email received".
ActionWhat happens after the trigger fires. Example: "Send an email" or "Create a spreadsheet row".
FilterA conditional step that only lets the Zap continue if certain criteria are met.
TaskEach time an action runs successfully, it counts as one task. Free plans have a monthly task limit.

Part 2: Create a Zapier Account

  1. Go to zapier.com and click Sign Up.
  2. Sign up with your Google account or email address.
  3. Select the Free plan (100 tasks/month, 5 Zaps).
  4. Complete the onboarding questions (you can skip them).
  5. You should now see the Zapier dashboard with a Create Zap button.

Part 3: Create a Google Form

Create a simple form that will serve as the trigger for your Zap.

  1. Go to forms.google.com and click Blank form.
  2. Title the form: Security Incident Report.
  3. Add the following fields:
    • Reporter Name (Short answer)
    • Incident Type (Dropdown: Phishing, Malware, Unauthorized Access, Data Breach, Other)
    • Severity (Multiple choice: Low, Medium, High, Critical)
    • Description (Paragraph)
  4. Click the Send button and copy the form link — you will use it for testing later.
  5. Submit one test response now so Zapier can see sample data when you configure the trigger.

Part 4: Build the Zap

Step 1: Set up the Trigger
  1. In Zapier, click Create Zap.
  2. For the Trigger App, search for and select Google Forms.
  3. For the Trigger Event, select New Response in Spreadsheet.
  4. Click Continue and connect your Google account when prompted.
  5. Select your Security Incident Report form and its linked spreadsheet.
  6. Click Test Trigger — Zapier should find your test submission.
  7. Click Continue.
Step 2: Set up the Action
  1. For the Action App, search for and select Email by Zapier (or Gmail).
  2. For the Action Event, select Send Outbound Email.
  3. Click Continue.
  4. Configure the email:
    • To: Your email address
    • Subject: Security Incident Report - [Severity] (click the + button to insert the Severity field from the trigger)
    • Body: Include fields from the form:
      New Security Incident Report

Reporter: [Reporter Name]
Type: [Incident Type]
Severity: [Severity]

Description:
[Description]

Submitted at: [Timestamp]
  5. Click Continue.
Step 3: Test and Publish
  1. Click Test Action — Zapier will send a test email using the sample form data.
  2. Check your inbox for the test email. Verify all form fields appear correctly.
  3. Click Publish Zap (or Turn on Zap).
  4. Your Zap is now live.

Part 5: Test the Live Zap

  1. Open your Google Form link in a browser.
  2. Submit a new response with realistic test data:
    • Reporter: Jane Smith
    • Incident Type: Phishing
    • Severity: High
    • Description: Received a suspicious email impersonating the CEO requesting a wire transfer. Email contained a spoofed domain.
  3. Wait 1–5 minutes (free plans check triggers every 15 minutes; you can manually trigger in the Zapier dashboard by clicking Run).
  4. Check your email inbox for the notification.
  5. In the Zapier dashboard, click Zap History to see the run log.

Part 6: Bonus – Add a Filter

Add a filter so the email only sends for High or Critical severity incidents.

  1. In the Zap editor, click the + between the trigger and action to add a step.
  2. Select Filter by Zapier.
  3. Set the condition: Severity(Text) ContainsHigh.
  4. Click + Or and add: Severity(Text) ContainsCritical.
  5. Click Continue and test with a "Low" severity submission — the filter should block it.
  6. Test with a "High" severity submission — the email should send.

Deliverables

  • Screenshot of your Google Form with all fields configured.
  • Screenshot of the Zap editor showing trigger and action steps.
  • Screenshot of the notification email received with form data.
  • Screenshot of the Zap History showing successful task completion.
  • Screenshot of the filter configuration (bonus).
  • A short written answer: Name two real-world cybersecurity workflows that could be automated with Zapier or a similar SOAR tool.

Zapier Free Plan Limits

  • 100 tasks/month
  • 5 Zaps (active workflows)
  • Single-step Zaps only (plus filters)
  • 15-minute trigger check interval

Popular Security Integrations

  • Slack — Alert channels for incidents.
  • Google Sheets — Log incidents to a spreadsheet.
  • Jira / Trello — Create tickets from alerts.
  • PagerDuty — On-call escalation.
  • Webhooks — Connect to any API.

SOAR Connection

Zapier demonstrates the same principles as Security Orchestration, Automation, and Response (SOAR) tools:

  • Orchestration — Connecting multiple tools together.
  • Automation — Triggering workflows without human intervention.
  • Response — Taking action based on events (alerts, notifications, tickets).

Enterprise SOAR tools (Splunk SOAR, Palo Alto XSOAR) work the same way but integrate with security-specific platforms.