Skip to main content
All CollectionsTemplatesBasic
Retrieve New Exploited Vulnerabilities from CISA update via Teams - Workflow Template
Retrieve New Exploited Vulnerabilities from CISA update via Teams - Workflow Template

On a daily schedule poll the latest CISA vulnerabilities and update a Teams channel on any new CVEs and include references from NIST

Updated over 6 months ago

This Torq workflow template automates the process of monitoring and reporting new exploited vulnerabilities as released by CISA. It identifies new vulnerabilities by comparing the latest data against the previous polling interval, enriches the findings with NIST references, and notifies the specified Microsoft Teams channel about any new findings. This proactive threat intelligence workflow maintains an updated global variable for ongoing tracking and is vital for organizations aiming to stay informed about potential security threats.

Take Me to the Template

Optional Triggers

Webhook

Use Cases

Threat Intelligence Enrichment

Workflow Breakdown

  1. Download the latest vulnerabilities from CISA

  2. Compare the data to the last polling interval

  3. Enrich the finding with references from NIST

  4. Notify the Teams channel on any new finding

  5. Update the global variable with the latest data to compare on the next execution

Vendors

Utils, Microsoft Teams Bot, Torq, NIST NVD, CISA

Workflow Output

Teams channel notification of latest vulnerabilities

Related Articles
Process New NIST NVD Vulnerabilities (NVD) - Workflow Template
Block Domain Finding on PerceptionPoint (IntSights) - Workflow Template
Retrieve New Exploited Vulnerabilities from CISA - Workflow Template
Process New Cloud Vulnerability DB Issues (Open CVDB) - Workflow Template
Did this answer your question?