The "Search for CVE Findings in Orca Triggered by Slack" workflow template allows teams to swiftly identify and communicate the impact of a specific Common Vulnerabilities and Exposures (CVE) within their digital ecosystem. Through Slack, a CVE mention activates a search in Orca for related findings. If assets are affected, the workflow sends a list of asset names back to the Slack thread and offers additional details upon request, aiding prompt and informed security responses.
Trigger
Slack
Optional Triggers
Microsoft Teams
Use Cases
CSPM, Security Bots
Workflow Breakdown
Receive a mention via Slack for orca-cve
Search in Orca for the specific CVE
If Orca returns findings for the CVE, send the affected asset names to the Slack thread
Ask whether more details are required; if so, send a snippet of the JSON information to the thread
Vendors
Slack, Utils, Orca
Workflow Output
CVE findings from Orca in the Slack thread