Calculate Severity - Generic

Deprecated

Use "Calculate Severity - Generic v2" playbook instead

DEPRECATED. Use "Calculate Severity - Generic v2" playbook instead. Calculates and assigns the incident severity based on the highest returned severity level from the following severity calculations:

  • Indicators DBotScore - Calculates the incident severity level according to the highest indicator DBotScore.
  • Critical assets - Determines if a critical assest is associated with the invesigation.
  • 3rd-party integrations - Calculates the incident severity level according to the methodology of a 3rd-party integration.

NOTE: the new severity level overwrites the previous severity level even if the previous severity level was more severe.

Dependencies

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks

  • Calculate Severity - DBotScore
  • Calculate Severity - 3rd-party integrations
  • Calculate Severity - Critical assets

Integrations

  • Builtin

Scripts

This playbook does not use any scripts.

Commands

  • setIncident

Playbook Inputs


NameDescriptionDefault ValueSourceRequired
QualysSeverityThe qualys vulnerability severity score (1-5).SeverityQualysOptional
DBotScoreThe array of all indicators associated with the incident.NoneDBotScoreOptional
EndpointThe endpoint to check against the critical lists.NoneEndpointOptional
AccountThe user account to check against the critical lists.NoneAccountOptional
NexposeSeverityThe Nexpose vulnerability severity score. Can be, "Moderate", "Severe", or "Critical".Asset.Vulnerability.SeverityNexposeOptional

Playbook Outputs


There are no outputs for this playbook.

Playbook Image


Calculate_Severity_Generic