Vulnerability Enrichment and Ticket Creation - Google Threat Intelligence
This playbook enriches CVE information using the Google Threat Intelligence enrichment command and determines the appropriate action for each CVE based on key risk factors. For every extracted CVE, the playbook evaluates the Exploitation State, Risk Rating, and CVSS scores to decide whether to create a ServiceNow ticket using the "ServiceNow v2" integration or route the incident for analyst review.
GoogleThreatIntelligence · 12 tasks · 2 inputs · 0 outputs
Inputs
cve_input— Optional Provide a comma-separated list of CVEs.onCall— Set to true to assign only the user that is currently on shift. Default is False.
Commands used
cve
findIndicators