Darkmon - Critical CVE Pipeline

Daily filter of new CVEs (CVSS >= 9) against the customer's tech-stack tags. Matches open a 'Darkmon Critical CVE' incident per match and ticket via Generic Notify.

Darkmon · 9 tasks · 1 input · 1 output

Inputs

  • MinCVSS — Minimum CVSS score for a CVE to qualify as critical and create an incident. Defaults to 9.0 (Critical band per NVD). Lower to 7.0 to include High severity, or 8.5 to include borderline High/Critical.

Outputs

  • FilteredCVEs — CVEs that passed the CVSS + tech-stack filter.

Commands used

dmontip-get-cve

Flowchart

yes Start Start Fetch CVE feed - dmontip-get-cve Fetch CVE feed dmontip-get-cve Filter by CVSS >= 9 and tech-stack tags - DarkmonFilterCVEs Filter by CVSS >= 9 and t... DarkmonFilterCVEs Dedup against seen CVEs - DarkmonFilterUnseen Dedup against seen CVEs DarkmonFilterUnseen Open CVE remediation incidents - DarkmonCreateIncidents Open CVE remediation inci... DarkmonCreateIncidents File ticket with vuln-mgmt team - Darkmon - Generic Notify File ticket with vuln-mgm... Darkmon - Generic Notify Done Done Is Darkmon integration available? - IsIntegrationAvailable Is Darkmon integration av... IsIntegrationAvailable Done Done