Skip to main content
All CollectionsTemplatesAdvanced
CVE Search in Wiz, Snyk and Armis with Jira Issue Tracking - Workflow Template
CVE Search in Wiz, Snyk and Armis with Jira Issue Tracking - Workflow Template

On mention from Slack, search for CVE in Wiz, Snyk, and Armis. Report on findings in Slack and open and update Jira parent and child issues

Updated over 7 months ago

The workflow template streamlines the threat response process by integrating with Slack for CVE mentions, querying Snyk, Wiz, and Armis for potential vulnerabilities, and managing findings through Jira issue tracking. Upon CVE mention in Slack, the workflow searches for relevant Common Vulnerabilities and Exposures (CVEs) across the specified security platforms. It then reports findings back in Slack, systematically opens or updates parent and child Jira issues for actionable tracking and, if no findings are present, and a parent issue exists, it adds a comment and closes the issue, ensuring comprehensive threat management and communication within the team.

Trigger

Slack

Optional Triggers

"Microsoft Teams"

Use Cases

Security Bots , Threat Hunting

Workflow Breakdown

  1. Receive mention from Slack on cve-search

  2. Search for CVE in Snyk, Wiz and Armis

  3. Report current findings in Slack

  4. Open Jira parent and child issues for each platform if one does not exist.

  5. Update the JSON attachment in the child issue with the findings, and any changes from the previous execution

  6. If no findings are found and a parent issue exists, add comment and close the parent issue

Vendors

Slack, Utils, Wiz, Jira Cloud, Recorded Future, Armis, Snyk

Workflow Output

Output to Slack and Jira issues

Did this answer your question?