Add probability of exploit and impact to vulnerability automations

fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)

https://fleetdm.com

Other

3.02k stars 419 forks source link

Add probability of exploit and impact to vulnerability automations #5784

Open noahtalerman opened 2 years ago

noahtalerman commented 2 years ago

Goal

As a Fleet user, I want to see the probability of exploit (epss_probability) and severity (cvss_score) in the webhook payload and ticket (Jira or Zendesk) so that I only post a message to Slack if the vulnerable software is above a probability of exploit threshhold.

noahtalerman commented 2 years ago

Notify these folks when this issue makes it into a planned release or is de-prioritized:

@GuillaumeRoss

This improvement was prioritized (committed to release in the next 6 weeks) during 🗣 Product office hours on 2022-05-17.

noahtalerman commented 2 years ago

@GuillaumeRoss heads up, this improvement is being de-prioritized. Please feel free to bring this issue back to any future Product office hours.

The "Expansion of host vitals" epic (#397) will likely fill interface capacity for the next 6 weeks.