This workflow template automates the process of identifying new cloud security vulnerabilities by retrieving data from the Open Cloud Vulnerability Database. It sorts the vulnerabilities by disclosure date, filters out any previously identified issues, and notifies a designated Slack channel with the details. This workflow is essential for maintaining up-to-date threat intelligence and swiftly acting on newly discovered threats in cloud environments.
Optional Triggers
Webhook, Slack, Microsoft Teams
Use Cases
Threat Intelligence Enrichment
Workflow Breakdown
Retrieve latest vulnerabilities from the Open Cloud Vulnerability DB
Sort findings by the disclosure date
Check the last time findings were found, and filter for new findings
Send a Slack message per vulnerability and, if CVE information is provided, add it as a snippet to the thread
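The sort, filter and message-building steps above, sketched in Python as an added example (not the template's own implementation). The record field names (`title`, `disclosedAt`, `cves`), the message dict shape and the sample feed are assumptions constructed for illustration.

```python
from datetime import datetime, timezone

# Constructed sample feed. Field names (title, disclosedAt, cves) are
# assumptions for this sketch, not the database's documented schema.
SAMPLE_FEED = [
    {"title": "Constructed issue A", "disclosedAt": "2024-01-12T09:00:00Z",
     "cves": ["CVE-2099-0001"]},
    {"title": "Constructed issue B", "disclosedAt": "2024-01-05", "cves": []},
    {"title": "Constructed issue C", "disclosedAt": "2024-01-11T00:00:00Z"},
    {"title": "Constructed issue D"},  # no disclosure date
]

def parse_ts(value):
    """Parse an ISO 8601 date or datetime; treat naive values as UTC."""
    ts = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return ts if ts.tzinfo else ts.replace(tzinfo=timezone.utc)

def select_new(findings, last_seen):
    """Return (findings disclosed after last_seen, oldest first; new watermark)."""
    dated = []
    for f in findings:
        try:
            dated.append((parse_ts(f["disclosedAt"]), f))
        except (KeyError, ValueError, AttributeError):
            continue  # undated records cannot be ordered; skip, do not crash
    dated.sort(key=lambda pair: pair[0])
    fresh = [(ts, f) for ts, f in dated if ts > last_seen]
    # Persist the watermark only after every message was delivered, otherwise
    # a failed send silently drops findings on the next run.
    watermark = fresh[-1][0] if fresh else last_seen
    return [f for _, f in fresh], watermark

def build_messages(findings):
    """One message per finding; CVE IDs, when present, become a thread snippet."""
    messages = []
    for f in findings:
        msg = {"text": f"New cloud vulnerability: {f['title']} "
                       f"(disclosed {f['disclosedAt']})"}
        if f.get("cves"):
            msg["thread_snippet"] = "\n".join(f["cves"])
        messages.append(msg)
    return messages

if __name__ == "__main__":
    last_run = datetime(2024, 1, 10, tzinfo=timezone.utc)  # constructed
    new, mark = select_new(SAMPLE_FEED, last_run)
    for m in build_messages(new):
        print(m)
    print("next watermark:", mark.isoformat())
```

A timestamp watermark with a strict `>` comparison can miss a record published later with the same disclosure time as the watermark; tracking already-sent record IDs alongside it closes that gap.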
Vendors
Slack, Utils, HTTP, Torq
Workflow Output
Vulnerability information sent to a Slack channel