Initialize vulnerability remediation via Vulcan Playbooks
- Each playbook must be associated with one of the following sources:
- Vulcan report
Note - Playbooks will only be triggered on vulnerabilities on an asset that their type is a host.
2. Vulnerabilities can be filtered by a wide range of parameters and logical conditions combined by the "and" operator. The parameters that can be used for filtering:
- CVSS Score
- Affected package
- Published on
- Modified on
- Discovery time
- Number of assets
- Has fixes
3. It is also possible to filter the vulnerabilities by their affected assets with logical conditions combined by the "and" operator. The parameters that can be used for filtering:
- Asset Source
4. Remediation actions can be applied by multiple collaboration / deployment tools:
- Service Now
- Email (this action can also be triggered when the vulnerability breaches SLA)
- Ansible (via S3 bucket)
- You can decide to trigger the playbook on existing vulnerabilities or run it only on new ones.
- Playbooks run after any configurational change, as well as twice a day (scheduled).
- Each Playbook is independent, it will trigger based on the conditions set regardless of other playbooks configured that executed before or after.
- For detailed instructions on how to manage playbooks, please visit here.