HttpRequest Automate

7/8/2025
28 nodes
Complex
manualcomplexsplitinbatchessticky notewaitexecuteworkflowtriggerslacknoopadvancedapiintegrationdataparsinglogicconditionalcommunicationnotification
Categories:
Communication & MessagingComplex WorkflowManual TriggeredBusiness Process Automation
Integrations:
SplitInBatchesSticky NoteWaitExecuteWorkflowTriggerSlackNoOp

Target Audience

  • Security Teams: Professionals responsible for managing and monitoring vulnerabilities within their organization.
    - DevOps Engineers: Individuals who integrate security practices within the DevOps process.
    - IT Administrators: Personnel managing IT infrastructure who need to ensure systems are secure.
    - Compliance Officers: Experts ensuring that the organization adheres to security regulations and standards.
    - Business Leaders: Executives interested in understanding the security posture of their organization.

    • Problem Solved

    This workflow automates the process of initiating vulnerability scans using the Qualys API and retrieves scan results efficiently. It addresses the challenges of manual scanning, which can be time-consuming and prone to human error. By automating the scanning process and providing timely updates via Slack, it ensures that teams are promptly informed about vulnerabilities, allowing for quicker remediation and enhanced security posture.

    Workflow Steps

  • Step 1: Trigger the Workflow - The workflow is manually initiated, allowing users to start vulnerability scans as needed.
    - Step 2: Start VM Scan in Qualys - A scan is launched using the Qualys API with parameters defined in the workflow.
    - Step 3: Convert XML to JSON - The XML response from Qualys is converted to JSON format for easier processing.
    - Step 4: Fetch Scan Results - The workflow retrieves the results of the initiated scan.
    - Step 5: Loop Over Items - The workflow checks the scan status every 5 minutes until it is marked as FINISHED.
    - Step 6: Check if Scan Finished - Once the scan is complete, the results are processed and prepared for reporting.
    - Step 7: Post Vulnerability Scan Summary to Slack - A summary of the scan results is posted in a specified Slack channel, including critical details like the number of detected vulnerabilities.
    - Step 8: Delete Receipt - The initial notification message is deleted to keep the channel organized.

    • Customization Guide

  • Modify Scan Parameters: Users can adjust the scan_title, option_title, and asset_groups in the Demo Data node to tailor the scan based on their requirements.
    - Change Slack Channel: Update the slackChannelId in the Global Variables & Slack Channel node to direct notifications to a different Slack channel.
    - Adjust Wait Time: The wait duration between scan status checks can be modified in the Wait 5 Min node to suit the expected scan duration.
    - Customize Notifications: Users can edit the messages sent to Slack in the Post Vulnerability Scan Summary to Slack node to reflect their organizational tone and style.
    - Add More Nodes: Additional processing nodes can be integrated if further data manipulation or reporting is required.