--- title: "Step 4 - Automate" slug: "step4" tags: ["admin", "global dashboard", "users"] updated: 2025-06-16T18:24:43Z published: 2025-06-16T18:24:43Z canonical: "help.nucleussec.com/step4" --- > ## Documentation Index > Fetch the complete documentation index at: https://help.nucleussec.com/llms.txt > Use this file to discover all available pages before exploring further. # Step 4 - Automate By now, you’ve explored your data and learned how to prioritize findings that matter most. But vulnerability management at scale doesn’t just demand smart decisions. It demands *repeatable* ones. That’s where Nucleus [automation](/v1/docs/automation-workflows) comes in. This step will help you shift from manual triage and assignment to **automated, policy-driven workflows**: the foundation of operational maturity in the Nucleus Vulnerability Management Maturity Model. --- ## 🧠 Why Automate? Even the most mature security teams don’t have time to manually: - Assign every new finding to the correct team - Recast false positives or dev-only CVEs - Track SLA deadlines across hundreds of systems - Prepare clean tickets for Jira or ServiceNow Nucleus automates these repetitive actions while keeping **your human analysts in control**. --- ## 🔁 What You Can Automate in Nucleus ### 1. **Ownership Assignment** Automate how vulnerabilities are routed to teams based on the systems they own. - Group assets using tags, business unit, hostname pattern, or CMDB syncs - Route findings based on asset attributes or criticality - Auto-update assignments as ownership changes 📘 **Use Case**: Auto-assign AppSec issues to the “DevOps Team” if the asset name contains `app-dev` or tag = `Team: DevOps` ![](https://cdn.document360.io/3888970a-6501-459e-acc9-c47b71c6d64c/Images/Documentation/image(491).png) --- ### 2. **Triage & Prioritization** Filter out the noise. Escalate the signal. - Auto-recast findings as “Accepted Risk” or “Informational” based on metadata - Elevate findings with active exploits to “Critical” and reset their SLA - Filter out false positives by signature, asset, or environment (e.g., test/dev) 📘 **Use Case**: Recast all findings from “Checkmarx” on `*.dev.internal` as “Informational” with status = "No Action" ![](https://cdn.document360.io/3888970a-6501-459e-acc9-c47b71c6d64c/Images/Documentation/image(488).png) --- ### 3. **SLA Enforcement** Set and monitor due dates automatically. - Create SLA rules based on risk score, asset group, or scan type - Use dynamic fields to assign due dates like `7 days from discovery` for high-risk items - Flag overdue findings (`overdue = true`) for workflow escalation or reports 📘 **Use Case**: If `nucleus_exploited = true` AND `severity = Critical`, set `SLA = 7 days` --- ### 4. **Ticketing Prep** Push the right findings to the right tools—cleanly. - Tag findings with owner, business risk, or remediation context - Create filters for which findings go to Jira, ServiceNow, etc. - Pre-fill ticket fields with asset group, SLA, and priority data 📘 **Use Case**: Only push findings with `nucleus_risk_score > 650` from assets in `Production` to Jira as `P1` ![](https://cdn.document360.io/3888970a-6501-459e-acc9-c47b71c6d64c/Images/Documentation/image(489).png) --- ## 🛠️ Features That Make It Work | Feature | What It Does | | --- | --- | | [**Asset Processing Rules**](/v1/docs/asset-processing-rules) | Group, tag, or assign assets based on metadata | | [**Finding Processing Rules**](/v1/docs/finding-processing-rules) | Automate SLAs, statuses, tags, or justification recasts | | [**Dynamic Fields**](/v1/docs/dynamic-fields-automation) | Set SLAs or dates using variables like `{{date_discovered + 30}}` | | [**Status Expirations**](/v1/docs/add-a-status-expiration) | Auto-transition stale findings to “Needs Review” | | **Automation Preview Mode** | See rule matches before going live—no surprises | --- ## 🎯 VM Maturity Tie-In | Nucleus Maturity Level | Automation Impact | | --- | --- | | **Normalize** | Asset rules ensure ownership is always accurate | | **Enrich** | Auto-tagging findings with threat and business context | | **Prioritize** | SLAs are enforced consistently with little overhead | | **Remediate** | Only the right tickets reach the right teams | | **Measure** | Less noise → cleaner metrics → better trend tracking | --- ## ✅ Outcome - Reduce analyst fatigue by cutting repetitive tasks - Deliver predictable remediation pipelines - Improve SLA performance without manual chasing - Empower DevOps teams with cleaner, scoped ticket queues --- ## 📋 Get Started with Your First Rule Try this: **If:** `nucleus_exploited = true` **Then:** `Set SLA = 7 days` Look for **“Set Up an Automation Rule”** in your in-app checklist to begin. --- ## 🔗 Quick Links - 👉 [Automation Rules Guide](/docs/step4#) - 🔗 [Nucleus SLA Management Overview](/docs/step4#) - 🔗 [Asset Tagging & Assignment Guide](/docs/step4#) - 🔗 [Full Help Center Index](/docs/step4#) --- ## 💬 Need a Hand? We’re happy to help you design your first rule or review a complex workflow. 📧 [support@nucleussec.co](mailto:support@nucleussec.com) ## Related - [Users, Roles & Permissions](/users-roles-and-permissions.md) - [User management (Standalone)](/user-management-standalone.md) - [Step 3 - Prioritize](/prioritize.md) - [Step 1 - Let's get started](/create.md) - [Step 2 - Explore Findings & Dashboards](/step2.md)