Join the Preview!
Automation Pipelines is in Preview. To enroll and access the automated rules, you must register for each set of rules separately:
Automation Pipelines allows you to set up automated rules for newly discovered vulnerabilities, thus accelerating triage and remediation efforts at scale.
Automation Pipelines is available for:
- Misconfigurations
- Attack paths
- Identity risks
- Vulnerabilities
Automation Pipelines operates through a rules-based system that allows you to automate how new vulnerabilities are managed. Here’s how it works:
- Rule configuration: Each rule consists of multiple criteria, designed to filter vulnerabilities based on specific attributes. Within a rule, the combination of these criteria operates as a logical AND; however, if any criteria include multiple values, those values operate as a logical OR. This structure gives you the flexibility to create rules that precisely target your needs.
- Rule matching: Automation Pipelines evaluates vulnerabilities against your rules in the order you’ve listed them. As each vulnerability is processed, Automation Pipelines moves through the list until it finds a matching rule, at which point the specified action—such as muting non-urgent issues or highlighting critical threats—is triggered.
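The matching semantics described above (AND across criteria, OR across the values of one criterion, first matching rule wins) can be modeled as follows. This is an added example, not the product's own code; the attribute names (`env`, `severity`, `service`), the action labels, and the sample rules and findings are constructed assumptions.

```python
from dataclasses import dataclass


@dataclass
class Rule:
    name: str
    action: str      # hypothetical labels: "mute", "inbox", "due_date"
    criteria: dict   # attribute name -> set of accepted values

    def matches(self, finding):
        # AND across criteria; OR across the values inside one criterion.
        # A finding that lacks the attribute does not match that criterion.
        return all(finding.get(attr) in accepted
                   for attr, accepted in self.criteria.items())


def first_match(rules, finding):
    """Walk the rules in listed order and stop at the first match."""
    for rule in rules:
        if rule.matches(finding):
            return rule
    return None


def triage(rules, findings):
    """Map each finding id to the action of its first matching rule."""
    result = {}
    for finding in findings:
        rule = first_match(rules, finding)
        result[finding["id"]] = rule.action if rule else None
    return result


# Constructed sample rules, in evaluation order.
RULES = [
    Rule("mute-nonprod-low", "mute",
         {"env": {"sandbox", "dev"}, "severity": {"low", "medium"}}),
    Rule("surface-payments", "inbox", {"service": {"payments"}}),
    Rule("due-critical", "due_date", {"severity": {"critical"}}),
]

# Constructed sample findings.
FINDINGS = [
    {"id": "F1", "env": "dev", "severity": "low", "service": "payments"},
    {"id": "F2", "env": "prod", "severity": "critical", "service": "payments"},
    {"id": "F3", "env": "sandbox", "severity": "critical", "service": "web"},
    {"id": "F4", "env": "prod", "severity": "low", "service": "web"},
]

if __name__ == "__main__":
    print(triage(RULES, FINDINGS))
```

F1 satisfies both the mute rule and the payments rule, but only the mute rule fires because it is listed first. When a broad mute rule sits above a narrower highlighting rule, the order decides whether the finding is ever surfaced.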
Mitigate information overload by muting non-urgent findings, so you can focus on critical threats. This allows you to:
- Proactively discard non-urgent findings: Automatically filter out known scenarios that don’t require immediate action, such as false positives or accepted risks, without manual intervention.
- Focus on true risks: Prioritize and address genuine threats, ensuring your attention is directed towards remediating real and pressing issues.
- Streamline security alerts: Eliminate noise from security alerts related to:
  - Known false positives
  - Resources deemed non-critical or unimportant
  - Intentional vulnerabilities in controlled environments
  - Ephemeral resources that naturally flag without posing long-term concerns
Customize the Security Inbox by defining specific conditions that determine which security issues are highlighted. This allows you to:
- Resurface issues not captured by default: Highlight issues that might be missed by out-of-the-box or custom detection rules, ensuring no critical issue is overlooked.
- Strengthen compliance and address key system concerns: Address concerns affecting regulatory compliance or important business systems, regardless of severity.
- Prioritize current risks: Focus on immediate threats, such as identity risks after an incident, or industry-wide vulnerabilities.
Assign deadlines for vulnerability remediation to ensure compliance and improve team accountability. This allows you to:
- Align with compliance frameworks: Automatically set due dates that conform to industry regulations like FedRAMP or PCI.
- Enhance accountability: Utilize security SLOs to hold teams responsible for timely vulnerability remediation, reducing the administrative burden of follow-ups and status checks.
- Facilitate proactive risk management: Encourage prompt action on vulnerabilities to mitigate the risk of exploitation, leveraging SLOs as a strategic tool to prioritize and expedite security tasks.