II.
Workflow overview
Reference · liveworkflow:vulnerability-management
Vulnerability Management Workflow overview
Workflow for identifying, prioritizing, remediating, verifying, and reporting security vulnerabilities across software assets.
Attributes
displayName
Vulnerability Management Workflow
description
Workflow for identifying, prioritizing, remediating, verifying, and reporting
security vulnerabilities across software assets.
Outgoing edges
applies_to_domain7
- domain:cybersecurity·DomainCybersecurity
- domain:devops·DomainDevOps
- domain:cloud-infra·DomainCloud Infrastructure
- domain:cybersecurity·DomainCybersecurity
- domain:security·DomainSecurity
- domain:cybersecurity·DomainCybersecurity
- domain:security·DomainSecurity
integrates_with1
- platform:kradle·PlatformKradle
involves_role11
- role:security-engineer·RoleSecurity Engineer
- role:devops-engineer·RoleDevOps Engineer
- role:platform-engineer·RolePlatform Engineer
- role:backend-engineer·RoleBackend Engineer
- role:compliance-officer·RoleCompliance Officer
- role:vulnerability-scanner·RoleVulnerability Scanner
- role:security-reviewer·RoleSecurity Reviewer
- role:dependency-updater·RoleDependency Updater
- role:vulnerability-scanner·RoleVulnerability Scanner
- role:security-reviewer·RoleSecurity Reviewer
- role:dependency-updater·RoleDependency Updater
performed_by_org_unit5
- org-unit:security-team·OrgUnitSecurity Team
- org-unit:engineering·OrgUnitEngineering
- org-unit:application-security-team·OrgUnitApplication Security Team
- org-unit:security-team·OrgUnitSecurity Team
- org-unit:engineering·OrgUnitEngineering
requires_skill_area2
- skill-area:secrets-rotation·SkillAreaSecrets Rotation
- skill-area:secrets-rotation·SkillAreaSecrets Rotation
triggers_responsibility7
- responsibility:security-audit·Responsibility
- responsibility:risk-assessment·ResponsibilityRisk Assessment
- responsibility:compliance-monitoring·ResponsibilityCompliance Monitoring
- responsibility:run-security-scans·ResponsibilityRun security scans
- responsibility:upgrade-dependencies-weekly·ResponsibilityUpgrade dependencies weekly
- responsibility:run-security-scans·ResponsibilityRun security scans
- responsibility:upgrade-dependencies-weekly·ResponsibilityUpgrade dependencies weekly
Incoming edges
follows_workflow1
- stack-profile:vulnerability-management-platform·StackProfileVulnerability Management (Python, Trivy, Snyk, PostgreSQL, React, Docker)
lib_implements_workflow111
- lib-agent:security-compliance--forensic-analysis-agent·LibraryAgentforensic-analysis-agent
- lib-agent:security-compliance--incident-triage-agent·LibraryAgentincident-triage-agent
- lib-agent:security-compliance--patch-management-agent·LibraryAgentpatch-management-agent
- lib-agent:security-compliance--remediation-guidance-agent·LibraryAgentremediation-guidance-agent
- lib-agent:security-compliance--risk-scoring-agent·LibraryAgentrisk-scoring-agent
- lib-agent:security-compliance--threat-intelligence-agent·LibraryAgentthreat-intelligence-agent
- lib-agent:security-compliance--vulnerability-triage-agent·LibraryAgentvulnerability-triage-agent
- lib-agent:security-research--cloud-security-researcher·LibraryAgentcloud-security-researcher
- lib-agent:security-research--exploit-developer·LibraryAgentExploit Developer Agent
- lib-agent:security-research--fuzzing-engineer·LibraryAgentfuzzing-engineer
- lib-agent:security-research--hardware-security-researcher·LibraryAgenthardware-security-researcher
- lib-agent:security-research--malware-analyst·LibraryAgentMalware Analyst Agent
- lib-agent:security-research--mobile-researcher·LibraryAgentMobile Security Researcher Agent
- lib-agent:security-research--purple-team-coordinator·LibraryAgentPurple Team Coordinator Agent
- lib-agent:security-research--red-team-operator·LibraryAgentRed Team Operator Agent
- lib-agent:security-research--reverse-engineer·LibraryAgentReverse Engineer Agent
- lib-agent:security-research--security-report-writer·LibraryAgentSecurity Report Writer Agent
- lib-agent:security-research--smart-contract-auditor·LibraryAgentSmart Contract Auditor Agent
- lib-agent:security-research--threat-intel-analyst·LibraryAgentThreat Intelligence Analyst Agent
- lib-agent:security-research--vuln-researcher·LibraryAgentVulnerability Researcher Agent
- lib-agent:security-research--web-security-researcher·LibraryAgentWeb Security Researcher Agent
- lib-process:cryptography-blockchain--smart-contract-security-audit·LibraryProcessspecializations/cryptography-blockchain/smart-contract-security-audit
- lib-process:automotive-engineering--cybersecurity-engineering·LibraryProcessspecializations/domains/science/automotive-engineering/cybersecurity-engineering
- lib-process:gpu-programming--reduction-scan-implementation·LibraryProcessspecializations/gpu-programming/reduction-scan-implementation
- lib-process:research--novelties-scanner·LibraryProcessspecializations/research/novelties-scanner
- lib-process:security-compliance--business-continuity·LibraryProcessspecializations/security-compliance/business-continuity
- lib-process:security-compliance--codebase-security-audit·LibraryProcessspecializations/security-compliance/codebase-security-audit
- lib-process:security-compliance--container-security·LibraryProcesssecurity-compliance/container-security
- lib-process:security-compliance--dast-process·LibraryProcesssecurity-compliance/dast-process
- lib-process:security-compliance--data-classification·LibraryProcessspecializations/security-compliance/data-classification
- lib-process:security-compliance--disaster-recovery-testing·LibraryProcessspecializations/security-compliance/disaster-recovery-testing
- lib-process:security-compliance--encryption-standards·LibraryProcessspecializations/security-compliance/encryption-standards
- lib-process:security-compliance--gdpr-compliance·LibraryProcessspecializations/security-compliance/gdpr-compliance
- lib-process:security-compliance--hipaa-compliance·LibraryProcesssecurity-compliance/hipaa-compliance
- lib-process:security-compliance--iac-security-review·LibraryProcessspecializations/security-compliance/iac-security-review
- lib-process:security-compliance--iam-access-control·LibraryProcessspecializations/security-compliance/iam-access-control
- lib-process:security-compliance--iso27001-implementation·LibraryProcessspecializations/security-compliance/iso27001-implementation
- lib-process:security-compliance--nation-state-trojan-detection·LibraryProcessspecializations/security-compliance/nation-state-trojan-detection
- lib-process:security-compliance--pci-dss-compliance·LibraryProcessspecializations/security-compliance/pci-dss-compliance
- lib-process:security-compliance--penetration-testing·LibraryProcesssecurity-compliance/penetration-testing
- lib-process:security-compliance--sast-pipeline·LibraryProcessspecializations/security-compliance/sast-pipeline
- lib-process:security-compliance--sca-dependency-management·LibraryProcessspecializations/security-compliance/sca-dependency-management
- lib-process:security-compliance--secrets-management·LibraryProcessspecializations/security-compliance/secrets-management
- lib-process:security-compliance--security-logging-monitoring·LibraryProcesssecurity-compliance/security-logging-monitoring
- lib-process:security-compliance--security-policies·LibraryProcessspecializations/security-compliance/security-policies
- lib-process:security-compliance--security-training·LibraryProcesssecurity-compliance/security-training
- lib-process:security-compliance--soc2-compliance·LibraryProcessspecializations/security-compliance/soc2-compliance
- lib-process:security-compliance--stride-threat-modeling·LibraryProcessspecializations/security-compliance/stride-threat-modeling
- lib-process:security-compliance--third-party-risk·LibraryProcessspecializations/security-compliance/third-party-risk
- lib-process:security-compliance--vulnerability-management·LibraryProcessspecializations/security-compliance/vulnerability-management
- lib-process:security-research--ai-ml-security-research·LibraryProcessspecializations/security-research/ai-ml-security-research
- lib-process:security-research--api-security-research·LibraryProcessspecializations/security-research/api-security-research
- lib-process:security-research--binary-reverse-engineering·LibraryProcessspecializations/security-research/binary-reverse-engineering
- lib-process:security-research--bug-bounty-workflow·LibraryProcessspecializations/security-research/bug-bounty-workflow
- lib-process:security-research--capture-the-flag-challenges·LibraryProcessspecializations/security-research/capture-the-flag-challenges
- lib-process:security-research--cloud-security-research·LibraryProcessspecializations/security-research/cloud-security-research
- lib-process:security-research--container-security-research·LibraryProcessspecializations/security-research/container-security-research
- lib-process:security-research--dynamic-analysis-runtime-testing·LibraryProcessspecializations/security-research/dynamic-analysis-runtime-testing
- lib-process:security-research--exploit-development·LibraryProcessspecializations/security-research/exploit-development
- lib-process:security-research--firmware-analysis·LibraryProcessspecializations/security-research/firmware-analysis
- lib-process:security-research--fuzzing-campaign·LibraryProcessspecializations/security-research/fuzzing-campaign
- lib-process:security-research--hardware-security-research·LibraryProcessspecializations/security-research/hardware-security-research
- lib-process:security-research--malware-analysis·LibraryProcessspecializations/security-research/malware-analysis
- lib-process:security-research--mobile-app-security-research·LibraryProcessspecializations/security-research/mobile-app-security-research
- lib-process:security-research--network-penetration-testing·LibraryProcessspecializations/security-research/network-penetration-testing
- lib-process:security-research--protocol-reverse-engineering·LibraryProcessspecializations/security-research/protocol-reverse-engineering
- lib-process:security-research--purple-team-exercise·LibraryProcessspecializations/security-research/purple-team-exercise
- lib-process:security-research--red-team-operations·LibraryProcessspecializations/security-research/red-team-operations
- lib-process:security-research--responsible-disclosure·LibraryProcessspecializations/security-research/responsible-disclosure
- lib-process:security-research--security-advisory-writing·LibraryProcessspecializations/security-research/security-advisory-writing
- lib-process:security-research--security-research-lab-setup·LibraryProcessspecializations/security-research/security-research-lab-setup
- lib-process:security-research--security-research-publication·LibraryProcessspecializations/security-research/security-research-publication
- lib-process:security-research--security-tool-development·LibraryProcessspecializations/security-research/security-tool-development
- lib-process:security-research--shellcode-development·LibraryProcessspecializations/security-research/shellcode-development
- lib-process:security-research--smart-contract-auditing·LibraryProcessspecializations/security-research/smart-contract-auditing
- lib-process:security-research--static-code-analysis·LibraryProcessspecializations/security-research/static-code-analysis
- lib-process:security-research--supply-chain-security·LibraryProcessspecializations/security-research/supply-chain-security
- lib-process:security-research--threat-intelligence-research·LibraryProcessspecializations/security-research/threat-intelligence-research
- lib-process:security-research--variant-analysis·LibraryProcessspecializations/security-research/variant-analysis
- lib-process:security-research--vulnerability-research-workflow·LibraryProcessspecializations/security-research/vulnerability-research-workflow
- lib-process:security-research--vulnerability-root-cause-analysis·LibraryProcessspecializations/security-research/vulnerability-root-cause-analysis
- lib-process:security-research--web-app-vuln-research·LibraryProcessspecializations/security-research/web-app-vuln-research
- lib-skill:security-compliance--aws-security-scanner·LibrarySkillaws-security-scanner
- lib-skill:security-compliance--azure-security-scanner·LibrarySkillazure-security-scanner
- lib-skill:security-compliance--container-security-scanner·LibrarySkillcontainer-security-scanner
- lib-skill:security-compliance--dast-scanner·LibrarySkilldast-scanner
- lib-skill:security-compliance--dependency-scanner·LibrarySkilldependency-scanner
- lib-skill:security-compliance--gcp-security-scanner·LibrarySkillgcp-security-scanner
- lib-skill:security-compliance--git-forensics-scanner·LibrarySkillgit-forensics-scanner
- lib-skill:security-compliance--iac-security-scanner·LibrarySkilliac-security-scanner
- lib-skill:security-compliance--owasp-security-scanner·LibrarySkillowasp-security-scanner
- lib-skill:security-compliance--sast-analyzer·LibrarySkillsast-analyzer
- lib-skill:security-compliance--secret-detection-scanner·LibrarySkillsecret-detection-scanner
- lib-skill:security-compliance--semantic-code-analyzer·LibrarySkillsemantic-code-analyzer
- lib-skill:security-compliance--vendor-risk-monitor·LibrarySkillvendor-risk-monitor
- lib-skill:security-research--aiml-security·LibrarySkillaiml-security
- lib-skill:security-research--binary-exploitation·LibrarySkillBinary Exploitation Skill
- lib-skill:security-research--cloud-security-testing·LibrarySkillcloud-security-testing
- lib-skill:security-research--cve-cwe-db·LibrarySkillCVE/CWE Database Skill
- lib-skill:security-research--fuzzing-ops·LibrarySkillFuzzing Operations Skill
- lib-skill:security-research--hardware-security·LibrarySkillhardware-security
- lib-skill:security-research--incident-forensics·LibrarySkillincident-forensics
- lib-skill:security-research--mitre-attack·LibrarySkillMITRE ATT&CK Skill
- lib-skill:security-research--mobile-security·LibrarySkillMobile Security Testing Skill
- lib-skill:security-research--offensive-security·LibrarySkillOffensive Security Skill
- lib-skill:security-research--pwntools-exploit·LibrarySkillPwntools Exploitation Skill
- lib-skill:security-research--security-sandbox·LibrarySkillsecurity-sandbox
- lib-skill:security-research--smart-contract-analysis·LibrarySkillSmart Contract Analysis Skill
- lib-skill:security-research--static-analysis-tools·LibrarySkillStatic Analysis Tools Skill
- lib-skill:security-research--stix-taxii·LibrarySkillSTIX/TAXII Intelligence Skill
- lib-skill:security-research--yara-rules·LibrarySkillYARA Rules Skill
supports_work3
- tool-server:mcp-snyk·ToolServerSnyk MCP Server
- tool-server:mcp-sonarqube·ToolServerSonarQube MCP Server
- tool-server:mcp-wiz-candidate·ToolServerWiz MCP candidate