Calculate Severity - Generic

Calculates and assigns the incident severity based on the highest returned severity level from the following severity calculations:

  • Indicators DBotScore - Calculates the incident severity level according to the highest indicator DBotScore.
  • Critical assets - Determines if a critical assest is associated with the invesigation.
  • 3rd-party integrations - Calculates the incident severity level according to the methodology of a 3rd-party integration.

NOTE: the new severity level overwrites the previous severity level even if the previous severity level was more severe.


This playbook uses the following sub-playbooks, integrations, and scripts.


  • Calculate Severity - DBotScore
  • Calculate Severity - 3rd-party integrations
  • Calculate Severity - Critical assets


  • Builtin


This playbook does not use any scripts.


  • setIncident

Playbook Inputs

NameDescriptionDefault ValueSourceRequired
QualysSeverityThe qualys vulnerability severity score (1-5).SeverityQualysOptional
DBotScoreThe array of all indicators associated with the incident.NoneDBotScoreOptional
EndpointThe endpoint to check against the critical lists.NoneEndpointOptional
AccountThe user account to check against the critical lists.NoneAccountOptional
NexposeSeverityThe Nexpose vulnerability severity score. Can be, "Moderate", "Severe", or "Critical".Asset.Vulnerability.SeverityNexposeOptional

Playbook Outputs

There are no outputs for this playbook.

Playbook Image