I am new to Firebox, so just setting things up. I have seen the example Threatsync automation policies in the help centre.
Are these a good starting point to apply?
Consider this -
From the docs:
"We recommend that you do not add automation policies until you are familiar with the different types of incidents that can occur in your environment and the remediation actions you can perform."
About ThreatSync Automation Policieshttps://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/WG-Cloud/ThreatSync/Configure ThreatSync/threatsync_configure_automation_policies.html