{ "workflow": { "unique_name": "definition_workflow_01PT1JRLJ5QHH3Fb3lctaK2Uqk40TuL4ldW", "name": "Kenna - Show Vulnerability Definition", "title": "Kenna - Show Vulnerability Definition", "type": "generic.workflow", "base_type": "workflow", "variables": [ { "schema_id": "datatype.secure_string", "properties": { "value": "", "scope": "input", "name": "Kenna Token", "type": "datatype.secure_string", "is_required": true, "is_invisible": false }, "unique_name": "variable_workflow_01PT1JRLC7WLQ4vfOwdiPneqqV1XFACs3fM", "object_type": "variable_workflow" }, { "schema_id": "datatype.string", "properties": { "value": "", "scope": "input", "name": "CVE ID", "type": "datatype.string", "description": "IP address of the endpoint to search for", "is_required": true, "is_invisible": false }, "unique_name": "variable_workflow_01PT1JRLC7R037JN6bqUkEDVQcM1861R1yX", "object_type": "variable_workflow" }, { "schema_id": "datatype.string", "properties": { "value": "", "scope": "output", "name": "Body", "type": "datatype.string", "is_required": false, "is_invisible": false }, "unique_name": "variable_workflow_01PT1JRLC7VAC4qZaZM65xDzKkkVE8rL2Md", "object_type": "variable_workflow" } ], "properties": { "atomic": { "atomic_group": "Kenna", "is_atomic": true }, "delete_workflow_instance": true, "description": "Searches Kenna for Vulnerability Definition for a given CVE ID. \n\n[] Build the search query based on the input provided\n[] Query Kenna for matching vulnerabilty\n[] If a match is found, return vulberability definition", "display_name": "Kenna - Show Vulnerability Definition", "runtime_user": { "override_target_runtime_user": false, "specify_on_workflow_start": false, "target_default": true }, "target": { "target_type": "web-service.endpoint", "specify_on_workflow_start": true } }, "object_type": "definition_workflow", "actions": [ { "unique_name": "definition_activity_01PT1JRUNJMTZ0Vze1nIjsHKnQcQh1W3e5m", "name": "Condition Block", "title": "Was input provided?", "type": "logic.if_else", "base_type": "activity", "properties": { "continue_on_failure": false, "display_name": "Was input provided?", "skip_execution": false }, "object_type": "definition_activity", "blocks": [ { "unique_name": "definition_activity_01PT1JRYNLQSF3g9e2xUi2na2qXeVLUK1t0", "name": "Condition Branch", "title": "No", "type": "logic.condition_block", "base_type": "activity", "properties": { "condition": { "left_operand": "$workflow.definition_workflow_01PT1JRLJ5QHH3Fb3lctaK2Uqk40TuL4ldW.input.variable_workflow_01PT1JRLC7R037JN6bqUkEDVQcM1861R1yX$", "operator": "eq", "right_operand": "" }, "continue_on_failure": false, "display_name": "No", "skip_execution": false }, "object_type": "definition_activity", "actions": [ { "unique_name": "definition_activity_01PT1JS0OVU8T3w2Mfl8Z1rgH4vLWnX5o2b", "name": "Completed", "title": "Completed", "type": "logic.completed", "base_type": "activity", "properties": { "completion_type": "failed-completed", "continue_on_failure": false, "display_name": "Completed", "result_message": "CVE ID was not provided.", "skip_execution": false }, "object_type": "definition_activity" } ] } ] }, { "unique_name": "definition_activity_01PT1JS4XBD8S25cpysSGVEw5ZV667W4v89", "name": "HTTP Request", "title": "Kenna - Get Malware Hashes", "type": "web-service.http_request", "base_type": "activity", "properties": { "accept": "application/json", "action_timeout": 30, "allow_auto_redirect": true, "content_type": "application/json", "continue_on_error_status_code": false, "continue_on_failure": false, "custom_headers": [ { "name": "X-Risk-Token", "value": "$workflow.definition_workflow_01PT1JRLJ5QHH3Fb3lctaK2Uqk40TuL4ldW.input.variable_workflow_01PT1JRLC7WLQ4vfOwdiPneqqV1XFACs3fM$" } ], "display_name": "Kenna - Get Malware Hashes", "method": "GET", "relative_url": "/vulnerability_definitions/$workflow.definition_workflow_01PT1JRLJ5QHH3Fb3lctaK2Uqk40TuL4ldW.input.variable_workflow_01PT1JRLC7R037JN6bqUkEDVQcM1861R1yX$", "runtime_user": { "override_target_runtime_user": false, "target_default": true }, "skip_execution": false, "target": { "override_workflow_target": false, "override_workflow_target_group_criteria": false, "use_workflow_target": true, "use_workflow_target_group": false } }, "object_type": "definition_activity" }, { "unique_name": "definition_activity_01PT1JS97MNMW6hi59rPLTgRRYrqTw9iOsM", "name": "Condition Block", "title": "Did the request succeed?", "type": "logic.if_else", "base_type": "activity", "properties": { "continue_on_failure": false, "display_name": "Did the request succeed?", "skip_execution": false }, "object_type": "definition_activity", "blocks": [ { "unique_name": "definition_activity_01PT1JSDGTTPD2eM1UaEIHCGN1QMusKD54q", "name": "Condition Branch", "title": "Success/200", "type": "logic.condition_block", "base_type": "activity", "properties": { "condition": { "left_operand": "$activity.definition_activity_01PT1JS4XBD8S25cpysSGVEw5ZV667W4v89.output.status_code$", "operator": "eq", "right_operand": 200 }, "continue_on_failure": false, "display_name": "Success/200", "skip_execution": false }, "object_type": "definition_activity", "actions": [ { "unique_name": "definition_activity_01PT1JSG2KQG06rJu3E9PxgQj2dWSrcOTgw", "name": "Set Variables", "title": "Set Variables", "type": "core.set_multiple_variables", "base_type": "activity", "properties": { "continue_on_failure": false, "display_name": "Set Variables", "skip_execution": false, "variables_to_update": [ { "variable_to_update": "$workflow.definition_workflow_01PT1JRLJ5QHH3Fb3lctaK2Uqk40TuL4ldW.output.variable_workflow_01PT1JRLC7VAC4qZaZM65xDzKkkVE8rL2Md$", "variable_value_new": "$activity.definition_activity_01PT1JS4XBD8S25cpysSGVEw5ZV667W4v89.output.response_body$" } ] }, "object_type": "definition_activity" } ] }, { "unique_name": "definition_activity_01PT1JSKXTPFM3ZYERbtfHOZcMEKnBsrD2n", "name": "Condition Branch", "title": "Failure/Anything Else", "type": "logic.condition_block", "base_type": "activity", "properties": { "condition": { "left_operand": "$activity.definition_activity_01PT1JS4XBD8S25cpysSGVEw5ZV667W4v89.output.status_code$", "operator": "ne", "right_operand": 200 }, "continue_on_failure": false, "display_name": "Failure/Anything Else", "skip_execution": false }, "object_type": "definition_activity", "actions": [ { "unique_name": "definition_activity_01PT1JSN3UDWP5yJNYai7uw1UzlaqGMGjNE", "name": "Failed", "title": "Failed", "type": "logic.completed", "base_type": "activity", "properties": { "completion_type": "failed-completed", "continue_on_failure": false, "display_name": "Failed", "result_message": "There was an error fetching the vulnerability definition from Kenna. CVE ID: $workflow.definition_workflow_01PT1JRLJ5QHH3Fb3lctaK2Uqk40TuL4ldW.input.variable_workflow_01PT1JRLC7R037JN6bqUkEDVQcM1861R1yX$\nStatus Code: $activity.definition_activity_01PT1JS4XBD8S25cpysSGVEw5ZV667W4v89.output.status_code$\nResponse Body: $activity.definition_activity_01PT1JS4XBD8S25cpysSGVEw5ZV667W4v89.output.response_body$", "skip_execution": false }, "object_type": "definition_activity" } ] } ] } ], "categories": [ "category_1BMfMXSnJMyt5Ihqi7rWJr5N8cf" ] } }