Manage vulnerabilities end-to-end with GPT-4, Jira, Slack and Google Sheets
Go to Workflow
Oneclick AI Squad
Description
Automates the full vulnerability lifecycle — from scheduled scanning and data aggregation to intelligent prioritization, ticket creation, real-time alerting, weekly reporting, and centralized tracking. Ensures critical vulnerabilities are patched quickly while maintaining audit-ready logs and executive visibility.
How it works
Dual Trigger - Scheduled daily scans at 6 AM + on-demand webhook for emergency scans
Multi-Scanner Aggregation - Pulls findings from Nessus, Qualys, and custom scanner APIs in parallel
Normalize & Deduplicate - Unifies scan results into a standard CVE schema, removes duplicates
GPT-4 Risk Prioritization - AI enriches each vuln with exploitability context, business impact, and remediation urgency
Severity Gate - Routes Critical/High vulns to expedited track; Medium/Low to standard queue
Jira Ticket Creation - Auto-creates structured remediation tickets with SLA-based due dates
Real-Time Alerting - Sends Slack alerts for Critical vulns and email digests for High findings
Patch Verification - Checks remediation status against scanner re-scan results
Weekly Executive Report - Generates CISO-ready KPI summary and sends to leadership
Audit Log - Writes immutable compliance log to Google Sheets for SOC2/ISO 27001
Setup Steps
Import workflow into n8n
Configure credentials:
OpenAI API — GPT-4o for risk prioritization
Jira API — Ticket creation and tracking
Slack — Critical vulnerability alerts
Google Sheets — Vulnerability registry and audit log
SMTP / Gmail — Executive and team email reports
Set your scanner API endpoints and tokens in aggregation nodes
Configure Jira project key and SLA thresholds
Set Slack channel IDs for security team alerts
Schedule weekly report trigger to your preferred day/time
Activate both the scheduled and webhook triggers
CVE Severity SLA Targets
🔴 CRITICAL (CVSS 9.0–10.0) — Patch within 24 hours
🟠 HIGH (CVSS 7.0–8.9) — Patch within 7 days
🟡 MEDIUM (CVSS 4.0–6.9) — Patch within 30 days
🟢 LOW (CVSS 0.1–3.9) — Patch within 90 days
Sample Scanner Payload (Nessus)
{
"scanId": "SCAN-2025-0042",
"scanner": "nessus",
"targetHost": "192.168.1.105",
"hostName": "prod-db-01",
"cveId": "CVE-2024-21413",
"cvssScore": 9.8,
"pluginId": "212105",
"description": "Microsoft Outlook RCE vulnerability"
}
Features
Multi-scanner normalization** — Nessus, Qualys, and custom scanners unified
AI-powered exploit context** — GPT-4 adds CISA KEV status, weaponization likelihood
SLA-driven Jira tickets** — auto-assigns, sets due dates, links CVE details
Executive KPI dashboard** — weekly metrics: MTTD, MTTR, patch compliance rate
Audit-ready log** — every vuln tracked from detection to closure