RiskSenseGetRansomewareCVEScript

This script is a helper script for the Ransomware Exposure - RiskSense playbook and retrieves information of CVEs and trending CVEs from host finding details.

Script Data


NameDescription
Script Typepython3
TagsRiskSense
Demisto Version5.0.0

Inputs


Argument NameDescription
trendingTrending is defined by RiskSense as vulnerabilities that are being actively abused by attackers in the wild based on activity in hacker forums and Twitter feeds, as well as analysis of 3rd party threat intelligence sources.

Outputs


PathDescriptionType
RiskSense.RansomwareCves.CveThe ID of the CVE.String
RiskSense.RansomwareCves.CVSSThe CVSS score of the CVE.Number
RiskSense.RansomwareCves.VRRThe risk rate of the host finding.Number
RiskSense.RansomwareCves.ThreatCountThe total number of threats associated with the CVE.Number
RiskSense.RansomwareCves.TrendingThis signifies whether the vulnerability (which is associated with the hostFinding) has been reported by our internal functions as being trending.boolean
RiskSense.RansomwareCves.VulnLastTrendingOnDate when last trending vulnerability was found.String
RiskSense.RansomwareCves.DescriptionA description of the CVE.String
RiskSense.RansomwareCves.Threats.TitleThe title of the threat.String
RiskSense.RansomwareCves.Threats.CategoryThe threat category.String
RiskSense.RansomwareCves.Threats.SeverityThe severity level of the threat.String
RiskSense.RansomwareCves.Threats.DescriptionThe threat description.String
RiskSense.RansomwareCves.Threats.CveList of CVEs that contain particular threat.Unknown
RiskSense.RansomwareCves.Threats.SourceThe source of the threat.String
RiskSense.RansomwareCves.Threats.PublishedThe time when the threat was published.String
RiskSense.RansomwareCves.Threats.UpdatedThe time when the threat was last updated.String
RiskSense.RansomwareCves.Threats.ThreatLastTrendingOnThe last time when threat was in trending.String
RiskSense.RansomwareCves.Threats.TrendingWhether the threat is trending.boolean
RiskSense.RansomwareTrendingCves.CveThe ID of the CVE.String
RiskSense.RansomwareTrendingCves.CVSSThe CVSS score of the CVE.Number
RiskSense.RansomwareTrendingCves.VRRThe risk rate of the host finding.Number
RiskSense.RansomwareTrendingCves.ThreatCountThe total number of threats associated with the CVE.Number
RiskSense.RansomwareTrendingCves.TrendingThis signifies whether the vulnerability (which is associated with the hostFinding) has been reported by our internal functions as being trending.boolean
RiskSense.RansomwareTrendingCves.VulnLastTrendingOnDate when last trending vulnerability was found.String
RiskSense.RansomwareTrendingCves.DescriptionA description of the CVE.String
RiskSense.RansomwareTrendingCves.Threats.TitleThe title of the threat.String
RiskSense.RansomwareTrendingCves.Threats.CategoryThe threat category.String
RiskSense.RansomwareTrendingCves.Threats.SeverityThe severity level of the threat.String
RiskSense.RansomwareTrendingCves.Threats.DescriptionThe threat description.String
RiskSense.RansomwareTrendingCves.Threats.CveList of CVEs that contain particular threat.Unknown
RiskSense.RansomwareTrendingCves.Threats.SourceThe source of the threat.String
RiskSense.RansomwareTrendingCves.Threats.PublishedThe time when the threat was published.String
RiskSense.RansomwareTrendingCves.Threats.UpdatedThe time when the threat was last updated.String
RiskSense.RansomwareTrendingCves.Threats.ThreatLastTrendingOnThe last time when threat was in trending.String
RiskSense.RansomwareTrendingCves.Threats.TrendingWhether the threat is trending.boolean
Date.CurrentDateThe current dateString
Date.WeekAgoDateThe date that was 7 days ago starting from current date.String
CVECountThe count of the CVEs.Number
TrendingCVECountThe count of the trending CVEs.Number