Vulcan’s automation Playbooks allow you to minimize response time and cut down on mundane manual labor by automating remediation tasks based on business and security conditions.
Create a new Playbook
To create a new Playbook, follow these steps:
- Click “Create new Playbook”.
- Give your new Playbook a meaningful, unique name. Optionally also give it a description.
- Add conditions on vulnerabilities and assets. The automation will only affect vulnerabilities and assets matching these criteria.
- Use the switch to choose whether to run the automation on existing vulnerabilities or only on future vulnerabilities to come.
- Add one or more Remediation actions. These are identical to the actions you can perform manually on a vulnerability. These actions will trigger when a new vulnerability is discovered.
- Optionally, also add SLA breach actions. These actions will only trigger once a vulnerability has breached its SLA as configured in the Settings page.
- Click “Save”.
*Make sure to read playbook's capabilities and constraints here
Create a new Playbook from a Suggested Playbook
To create a new Playbook from a Suggested Playbook, click one of the Suggested Playbooks, modify it and click “Save”.
View or edit a Playbook
To view or edit an existing Playbook, find your Playbook on the list and click on it.
Pause or unpause an existing Playbook
To pause or unpause an existing Playbook, find your Playbook in the list, hover over it and click the pause or unpause buttons. Unpaused Playbooks will not trigger until they are unpaused.
View a Playbook's Activity Log
To view an existing Playbook’s Activity log, either:
- Find your Playbook in the list, hover over it and click the Activity log button, or:
- Click the Playbook, then click the Activity Log button.
Duplicate a Playbook
To duplicate an existing Playbook and create a copy of it, find your Playbook in the list, hover over it and click the duplicate button.
Delete a Playbook
To delete an existing Playbook, find your Playbook in the list, hover over it and click the trashcan button.