Skip to main content

Calculate Severity - Generic

This Playbook is part of the Deprecated Content Pack.#

Deprecated

Use "Calculate Severity - Generic v2" playbook instead.

DEPRECATED. Use "Calculate Severity - Generic v2" playbook instead. Calculates and assigns the incident severity based on the highest returned severity level from the following severity calculations:

  • Indicators DBotScore - Calculates the incident severity level according to the highest indicator DBotScore.
  • Critical assets - Determines if a critical assest is associated with the invesigation.
  • 3rd-party integrations - Calculates the incident severity level according to the methodology of a 3rd-party integration.

NOTE: the new severity level overwrites the previous severity level even if the previous severity level was more severe.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

  • Calculate Severity - DBotScore
  • Calculate Severity - 3rd-party integrations
  • Calculate Severity - Critical assets

Integrations#

  • Builtin

Scripts#

This playbook does not use any scripts.

Commands#

  • setIncident

Playbook Inputs#


NameDescriptionDefault ValueSourceRequired
QualysSeverityThe qualys vulnerability severity score (1-5).SeverityQualysOptional
DBotScoreThe array of all indicators associated with the incident.NoneDBotScoreOptional
EndpointThe endpoint to check against the critical lists.NoneEndpointOptional
AccountThe user account to check against the critical lists.NoneAccountOptional
NexposeSeverityThe Nexpose vulnerability severity score. Can be, "Moderate", "Severe", or "Critical".Asset.Vulnerability.SeverityNexposeOptional

Playbook Outputs#


There are no outputs for this playbook.

Playbook Image#


Calculate_Severity_Generic