-
Notifications
You must be signed in to change notification settings - Fork 0
/
cacao-vulnerability-response-process.json
89 lines (89 loc) · 3.48 KB
/
cacao-vulnerability-response-process.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
{
"type": "playbook",
"spec_version": "cacao-2.0",
"id": "playbook--59cef9c2-1944-4265-9f0f-0682693596cf",
"name": "Vulnerability Response Process",
"description": "Standard vulnerability management programs include phases for identifying, analyzing, remediating, and reporting vulnerabilities. This playbook describes the vulnerability response process in terms of standard vulnerability management program phases. ",
"created_by": "identity--f0facbf9-aa22-4daf-b781-1f4d5cb96d87",
"created": "2023-09-04T14:35:06.149Z",
"modified": "2023-09-04T14:35:08.500Z",
"revoked": false,
"derived_from": [
"playbook--187ed08f-64e5-4cef-badf-13058bf55214"
],
"workflow_start": "start--976ad7a1-53c8-4e19-9635-96011d6bf4f7",
"workflow": {
"start--976ad7a1-53c8-4e19-9635-96011d6bf4f7": {
"on_completion": "action--ba1b53c9-0a41-449e-b642-d7a44373bcda",
"type": "start"
},
"action--ba1b53c9-0a41-449e-b642-d7a44373bcda": {
"name": "Identification of Actively Exploited Vulnerability in the Wild.",
"on_completion": "if-condition--5060d144-9535-4b75-bea5-0b477f7249bf",
"type": "action"
},
"if-condition--5060d144-9535-4b75-bea5-0b477f7249bf": {
"name": "Vulnerability Present?",
"on_completion": "end--19eb2990-fc40-4cbc-84f1-22c8ca357526",
"type": "if-condition",
"on_true": "parallel--6020e6a6-7f3e-42e0-9c6c-df080fd93508",
"on_false": "action--4502d396-fdb8-45be-a937-6c02ab97a521"
},
"action--4502d396-fdb8-45be-a937-6c02ab97a521": {
"name": "As Directed, Report Status to CISA.",
"on_completion": "end--2aa9ce57-3e60-4a72-a006-1e23a0f6e5bb",
"type": "action"
},
"end--2aa9ce57-3e60-4a72-a006-1e23a0f6e5bb": {
"type": "end"
},
"parallel--6020e6a6-7f3e-42e0-9c6c-df080fd93508": {
"on_completion": "end--f710a35e-ad4b-4b05-b9d9-8cb5b852bdb6",
"type": "parallel",
"next_steps": [
"if-condition--71df8f84-78d8-43d4-97b7-2476eb8eeae9",
"if-condition--24c4a75b-fc4b-4b1f-b85b-cf66719bf6e0"
]
},
"if-condition--71df8f84-78d8-43d4-97b7-2476eb8eeae9": {
"name": "Can you patch?",
"on_completion": "end--4e825c5c-7847-4889-99cc-3b367a5e0e5b",
"type": "if-condition",
"on_true": "action--870a3b59-d945-423f-b46f-ff102a58e318",
"on_false": "action--8263a75a-4e75-4657-be46-253a4a3835fb"
},
"if-condition--24c4a75b-fc4b-4b1f-b85b-cf66719bf6e0": {
"name": "Signs of Exploitation?",
"on_completion": "end--5b982431-6ee0-4273-8cd4-b7a26f13184d",
"type": "if-condition",
"on_true": "action--520c3ccd-b7b6-4a8f-9f9f-f5a0dd9a078f"
},
"action--520c3ccd-b7b6-4a8f-9f9f-f5a0dd9a078f": {
"name": "Report to IR Team IR process starts",
"on_completion": "action--4502d396-fdb8-45be-a937-6c02ab97a521",
"type": "action"
},
"action--870a3b59-d945-423f-b46f-ff102a58e318": {
"name": "Patch",
"on_completion": "action--4502d396-fdb8-45be-a937-6c02ab97a521",
"type": "action"
},
"action--8263a75a-4e75-4657-be46-253a4a3835fb": {
"name": "Mitigate",
"on_completion": "action--4502d396-fdb8-45be-a937-6c02ab97a521",
"type": "action"
},
"end--f710a35e-ad4b-4b05-b9d9-8cb5b852bdb6": {
"type": "end"
},
"end--19eb2990-fc40-4cbc-84f1-22c8ca357526": {
"type": "end"
},
"end--4e825c5c-7847-4889-99cc-3b367a5e0e5b": {
"type": "end"
},
"end--5b982431-6ee0-4273-8cd4-b7a26f13184d": {
"type": "end"
}
}
}