When creating a JIRA ticket, Vulcan will generate the details into the JIRA ticket by 5 main subjects:
1. Vulnerability Details
2. Vulnerability Solutions
3. Vulnerability Description
4. CVEs, CWEs
5. Source triggered in Vulcan (Automation vs Manual)
Link to the Vulnerability page on Vulcan
Number of affected assets that match to the playbook criteria
*The Assets information will be attached as CSV to the ticket
Related assets tags and their impact in Vulcan.
Example - Vulnerability on Vulcan
Solutions will attach to the ticket in two ways:
1. In the ticket description, Vulcan will generate the best first 10 solutions. (Solution number 1 will be the most effective to use).
2. As attache CSV, Vulcan will generate the full list of fixes, by effectiveness hierarchy. On the CSV, the solutions will contain the solution source by link and not the full description.
Vulcan will attach the description as presented in the platform.
Vulcan will attach the CVE and CWE information to the JIRA description field:
Source triggered in Vulcan
Vulcan will mention on the ticket discretion whether the ticket created by Automation and the number of the triggered playbook.
Vulcan will set the status of the tickets as 'Open', when the tickets are opened by an automation.
Users can choose if the Vulcan automation will close or not a ticket when creating a Playbook. The following conditions need to be fulfilled to mark a Jira issue as done:
The option to 'Mark issue as done' in the Playbook was enabled
All vulnerability instances in a campaign created by a Playbook are fixed
There is a transition that allows a ticket to transit from Open >> Done
The issue in Jira will be closed succesfully.