Automating Defender Alerts with CISA KEV and n8n – Has anyone tried similar workflows?
Hi everyone, I’ve been experimenting with n8n automation to improve vulnerability management. I created a workflow that cross-references Microsoft Defender for Endpoint vulnerabilities with the CISA Known Exploited Vulnerabilities (KEV) catalog, and then automatically creates Jira tickets for remediation. The flow takes about 16 seconds to run and prioritizes only the CVEs that are both present in the environment and listed in KEV. Has anyone here built similar automation (maybe with Logic Apps, Power Automate, or Sentinel playbooks)? Would love to hear how others handle vulnerability prioritization or ticket creation!Defender Experts in-depth - running a modern SOC in the age of LLMs
Did you miss the Defender Experts session held today (December 6, 2023) during the Microsoft Security Tech Accelerator event? See how our Defender Experts team runs a modern SOC and leverages LLMs and Copilots. You can catch the session on-demand here: https://aka.ms/Accelerate/ModernSOCWelcome to the Microsoft Security Experts community!
We are thrilled to announce the launch of the Microsoft Security Experts community! Whether you’re familiar with our services or just starting to explore what we offer, you’ll find this community a collaborative space where you can freely ask questions and share insights with our team. We hope to engage in constructive dialogue that fosters growth and innovation and build a resourceful hub that benefits everyone. In addition to this community, we invite you to learn more about our services below and follow our blog for the latest news and insights: Microsoft Defender Experts for XDR Microsoft Defender Experts for Hunting Microsoft Incident Response Thank you for being a part of our community!
