Workflow overview
Why this workflow matters
Useful for software delivery and engineering operations. Helpful for business development and pipeline building.
Automates the full vulnerability lifecycle — from scheduled scanning and data aggregation to intelligent prioritization, ticket creation, real-time alerting, weekly reporting, and centralized tracking. Ensures critical vulnerabilities are patched quickly while maintaining audit-ready logs and executive visibility. How it works Dual Trigger - Scheduled daily scans at 6 AM + on-demand webhook for emergency scans Multi-Scanner Aggregation - Pulls findings from Nessus, Qualys, and custom scanner APIs in parallel Normalize & Deduplicate - Unifies scan results into a standard CVE schema, removes duplicates GPT-4 Risk Prioritization - AI enriches each vuln with exploitability context, business impact, and remediation urgency Severity Gate - Routes Critical/High vulns to expedited track; Medium/Low to standard queue Jira Ticket Creation - Auto-creates structured remediation tickets with SLA-based due dates Real-Time Alerting - Sends Slack alerts for Critical vulns and email digests for High findings Patch Verification - Checks remediation status against scanner re-scan results Weekly Executive Report - Generates CISO-ready KPI summary and sends to leadership Audit Log - Writes immutable compliance log to Google Sheets for SOC2/ISO 27001 Setup Steps Import workflow into AlekSystem Configure credentials: OpenAI API — GPT-4o for risk prioritization Jira API — Ticket creation and tracking Slack — Critical vulnerability alerts Google Sheets — Vulnerability registry and audit log SMTP / Gmail — Executive and team email reports Set your scanner API endpoints and tokens in aggregation nodes Configure Jira project key and SLA thresholds Set Slack channel IDs for security team alerts Schedule weekly report trigger to your preferred day/time Activate both the scheduled and webhook triggers CVE Severity SLA Targets 🔴 CRITICAL (CVSS 9.0–10.0) — Patch within 24 hours 🟠 HIGH (CVSS 7.0–8.9) — Patch within 7 days 🟡 MEDIUM (CVSS 4.0–6.9) — Patch within 30 days 🟢 LOW (CVSS 0.1–3.9) — Patch within 90 days Sample Scanner Payload (Nessus) { "scanId": "SCAN-2025-0042", "scanner": "nessus", "targetHost": "192.168.1.105", "hostName": "prod-db-01", "cveId": "CVE-2024-21413", "cvssScore": 9.8, "pluginId": "212105", "description": "Microsoft Outlook RCE vulnerability" } Features Multi-scanner normalization** — Nessus, Qualys, and custom scanners unified AI-powered exploit context** — GPT-4 adds CISA KEV status, weaponization likelihood SLA-driven Jira tickets** — auto-assigns, sets due dates, links CVE details Executive KPI dashboard** — weekly metrics: MTTD, MTTR, patch compliance rate Audit-ready log** — every vuln tracked from detection to closure
Best fit
Categories
Services
Use cases
Need another direction?