Send Vulnerabilities to Nuvolo
Focus
Focus
Device Security

Send Vulnerabilities to Nuvolo

Table of Contents

Send Vulnerabilities to Nuvolo

Manually send vulnerabilities from Device Security through Cortex XSOAR to Nuvolo to make work orders.
Where Can I Use This?What Do I Need?
  • Device Security (Managed by Strata Cloud Manager)
  • (Legacy) IoT Security (Standalone portal)
One of the following subscriptions:
  • Device Security subscription for an advanced Device Security product (Enterprise Plus, Industrial OT, or Medical)
  • Device Security X subscription
One of the following Cortex XSOAR setups:
  • A free, cohosted, limited-featured Cortex XSOAR instance
  • A full-featured Cortex XSOAR server
From Device Security, send a vulnerability through Cortex XSOAR to Nuvolo. Cortex XSOAR converts it into an incident before forwarding it to Nuvolo where a user can create a work order to investigate it.

Strata Cloud Manager

Manually send vulnerabilities from Device Security in Strata Cloud Manager through Cortex XSOAR to Nuvolo to make work orders.
  1. Navigate to RisksVulnerabilities, click a vulnerability name, and then select the check box of a vulnerability instance.
  2. Click MoreSend toNuvolo.
    The Send to Nuvolo panel appears.
  3. Enter a priority number using the priority numbering system in Nuvolo and add a comment.
    After you’ve configured these required settings, the Send button changes from gray to blue, indicating that you can proceed.
  4. Click Send.
    After you click Send, a link appears. When you click it, a new browser window opens to the XSOAR playbook for this action.
    To confirm that the vulnerability was sent, click the link to the XSOAR playbook for this action.
    For the link in Device Security to open the corresponding playbook in Cortex XSOAR, you must already be logged in to your XSOAR instance before clicking it.
    The green boxes in the playbook indicate that a particular step was successfully performed. Following the path through the playbook gives you feedback about whether an action was carried out successfully or, if not, where the process changed course.
    Also, the action “Sent to Nuvolo” appears in the Vulnerability Responses column. If you don’t see this column, click the Columns icon (
    ) and select Vulnerability Responses.
  5. Log in to Nuvolo and check the Security Queue for receiving security incidents from Device Security.
    You can also send a vulnerability to Nuvolo from the Vulnerabilities section of the Device Details page.

Legacy IoT Security

Manually send vulnerabilities from the Device Security portal through Cortex XSOAR to Nuvolo to make work orders.
  1. Navigate to VulnerabilitiesVulnerability OverviewAll Vulnerabilities, click a vulnerability name, and then select the check box of a vulnerability instance.
  2. Click MoreSend toNuvolo.
    The Send to Nuvolo panel appears.
  3. Enter a priority number using the priority numbering system in Nuvolo and add a comment.
    After you’ve configured these required settings, the Send button changes from gray to blue, indicating that you can proceed.
  4. Click Send.
    After you click Send, a link appears. When you click it, a new browser window opens to the XSOAR playbook for this action.
    To confirm that the vulnerability was sent, click the link to the XSOAR playbook for this action.
    For the link in Device Security to open the corresponding playbook in Cortex XSOAR, you must already be logged in to your XSOAR instance before clicking it.
    The green boxes in the playbook indicate that a particular step was successfully performed. Following the path through the playbook gives you feedback about whether an action was carried out successfully or, if not, where the process changed course.
    Also, the action “Sent to Nuvolo” appears in the Vulnerability Responses column. If you don’t see this column, click the Columns icon (
    ) and select Vulnerability Responses.
  5. Log in to Nuvolo and check the Security Queue for receiving security incidents from Device Security.
    You can also send a vulnerability to Nuvolo from the Vulnerabilities section of the Device Details page.