CVE reputation with Recorded Future SOAR Enrichment
This playbook uses the following sub-playbooks, integrations, and scripts. Depends on the recorded futures indicator field; risk rules.
This playbook does not use any sub-playbooks.
- Recorded Future v2
This playbook does not use any scripts.
- cve
| Name | Description | Default Value | Required |
|---|---|---|---|
| CVE | The CVE ID to get reputation of. | CVE.ID | Optional |
| Path | Description | Type |
|---|---|---|
| DBotScore.Indicator | The indicator that was tested | string |
| DBotScore.Type | Indicator type | string |
| DBotScore.Vendor | Vendor used to calculate the score | string |
| DBotScore.Score | The actual score | number |
| CVE.ID | Vulnerability name | string |
| RecordedFuture.CVE.riskLevel | Recorded Future Vulnerability Risk Level | string |
| RecordedFuture.CVE.riskScore | Risk Score | number |
| RecordedFuture.CVE.Evidence.rule | Recorded Risk Rule Name | string |
| RecordedFuture.CVE.Evidence.mitigation | Recorded Risk Rule Mitigation | string |
| RecordedFuture.CVE.Evidence.description | Recorded Risk Rule description | string |
| RecordedFuture.CVE.Evidence.timestamp | Recorded Risk Rule timestamp | date |
| RecordedFuture.CVE.Evidence.level | Recorded Risk Rule Level | number |
| RecordedFuture.CVE.Evidence.ruleid | Recorded Risk Rule ID | string |
| RecordedFuture.CVE.name | Vulnerability name | string |
| RecordedFuture.CVE.maxRules | Maximum count of Recorded Future Vulnerability Risk Rules | number |
| RecordedFuture.CVE.ruleCount | Number of triggered Recorded Future Vulnerability Risk Rules | number |
