By now, you’ve explored your data and learned how to prioritize findings that matter most. But vulnerability management at scale doesn’t just demand smart decisions. It demands repeatable ones.
That’s where Nucleus automation comes in.
This step will help you shift from manual triage and assignment to automated, policy-driven workflows: the foundation of operational maturity in the Nucleus Vulnerability Management Maturity Model.
🧠 Why Automate?
Even the most mature security teams don’t have time to manually:
Assign every new finding to the correct team
Recast false positives or dev-only CVEs
Track SLA deadlines across hundreds of systems
Prepare clean tickets for Jira or ServiceNow
Nucleus automates these repetitive actions while keeping your human analysts in control.
🔁 What You Can Automate in Nucleus
1. Ownership Assignment
Automate how vulnerabilities are routed to teams based on the systems they own.
Group assets using tags, business unit, hostname pattern, or CMDB syncs
Route findings based on asset attributes or criticality
Auto-update assignments as ownership changes
📘 Use Case: Auto-assign AppSec issues to the “DevOps Team” if the asset name contains app-dev or tag = Team: DevOps
2. Triage & Prioritization
Filter out the noise. Escalate the signal.
Auto-recast findings as “Accepted Risk” or “Informational” based on metadata
Elevate findings with active exploits to “Critical” and reset their SLA
Filter out false positives by signature, asset, or environment (e.g., test/dev)
📘 Use Case: Recast all findings from “Checkmarx” on *.dev.internal as “Informational” with status = "No Action"
3. SLA Enforcement
Set and monitor due dates automatically.
Create SLA rules based on risk score, asset group, or scan type
Use dynamic fields to assign due dates like 7 days from discovery for high-risk items
Flag overdue findings (overdue = true) for workflow escalation or reports
📘 Use Case: If nucleus_exploited = true AND severity = Critical, set SLA = 7 days
4. Ticketing Prep
Push the right findings to the right tools—cleanly.
Tag findings with owner, business risk, or remediation context
Create filters for which findings go to Jira, ServiceNow, etc.
Pre-fill ticket fields with asset group, SLA, and priority data
📘 Use Case: Only push findings with nucleus_risk_score > 650 from assets in Production to Jira as P1
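The four use cases above, written as an ordered rule list and run in a preview pass over two constructed findings. This is an added illustration, not Nucleus code or its API: the dict layout, the `run` function, the rule names, and the assumption that rules run in order and see earlier changes are all hypothetical.

```python
from copy import deepcopy
from datetime import date, timedelta
from fnmatch import fnmatch

# (name, condition, changes) evaluated top to bottom. Field names follow the
# page's use cases; the finding layout itself is an assumption.
RULES = [
    ("assign-devops",
     lambda f: "app-dev" in f["asset"] or "Team: DevOps" in f["tags"],
     lambda f: {"owner": "DevOps Team"}),
    ("recast-dev-checkmarx",
     lambda f: f["scanner"] == "Checkmarx" and fnmatch(f["asset"], "*.dev.internal"),
     lambda f: {"severity": "Informational", "status": "No Action"}),
    ("sla-exploited-critical",
     lambda f: f["nucleus_exploited"] and f["severity"] == "Critical",
     lambda f: {"sla_due": f["discovered"] + timedelta(days=7)}),
    ("jira-p1",
     lambda f: f["nucleus_risk_score"] > 650 and f["environment"] == "Production",
     lambda f: {"ticket": ("Jira", "P1")}),
]

FINDINGS = [  # constructed sample data, not real scan output
    {"asset": "pay-api.prod.internal", "scanner": "ExampleScanner",
     "severity": "Critical", "environment": "Production", "tags": [],
     "nucleus_exploited": True, "nucleus_risk_score": 900,
     "discovered": date(2024, 1, 1)},
    {"asset": "app-dev-03.dev.internal", "scanner": "Checkmarx",
     "severity": "Critical", "environment": "Dev", "tags": ["Team: DevOps"],
     "nucleus_exploited": True, "nucleus_risk_score": 700,
     "discovered": date(2024, 1, 1)},
]

def run(findings, today, preview=True):
    """Return (matches, results); in preview mode the input is not modified."""
    work = deepcopy(findings) if preview else findings
    matches = []
    for f in work:
        for name, cond, changes in RULES:
            if cond(f):            # later rules see earlier rules' changes
                delta = changes(f)
                f.update(delta)
                matches.append((f["asset"], name, delta))
        f["overdue"] = "sla_due" in f and f["sla_due"] < today
    return matches, work

if __name__ == "__main__":
    for asset, rule, delta in run(FINDINGS, date(2024, 1, 10))[0]:
        print(f"{asset}: {rule} -> {delta}")
```

Because the dev recast runs before the SLA rule in this sketch, the exploited finding on `app-dev-03.dev.internal` is downgraded and never receives the 7-day SLA. A preview pass makes that kind of ordering effect visible before a rule goes live.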
🛠️ Features That Make It Work
Feature | What It Does |
|---|---|
Group, tag, or assign assets based on metadata | |
Automate SLAs, statuses, tags, or justification recasts | |
Set SLAs or dates using variables like | |
Auto-transition stale findings to “Needs Review” | |
Automation Preview Mode | See rule matches before going live—no surprises |
🎯 VM Maturity Tie-In
Nucleus Maturity Level | Automation Impact |
|---|---|
Normalize | Asset rules ensure ownership is always accurate |
Enrich | Auto-tagging findings with threat and business context |
Prioritize | SLAs are enforced consistently with little overhead |
Remediate | Only the right tickets reach the right teams |
Measure | Less noise → cleaner metrics → better trend tracking |
✅ Outcome
Reduce analyst fatigue by cutting repetitive tasks
Deliver predictable remediation pipelines
Improve SLA performance without manual chasing
Empower DevOps teams with cleaner, scoped ticket queues
📋 Get Started with Your First Rule
Try this:
If: nucleus_exploited = true
Then: Set SLA = 7 days
Look for “Set Up an Automation Rule” in your in-app checklist to begin.
💬 Need a Hand?
We’re happy to help you design your first rule or review a complex workflow.