Option to trigger notifications based on severity of the CVE #3767
Comments
|
This feature would be incredibly helpful in reducing the number of notifications sent to our security champions. Currently, some teams in our organization manage numerous microservices, and they receive notifications about new vulnerabilities for every severity level. This results in a flood of emails, which can lead to important messages being ignored due to the sheer volume. By filtering notifications based on severity, we could limit the emails to only high and critical vulnerabilities. This would significantly reduce the number of emails, ensuring that only the most important notifications are sent, making it easier for our security champions to stay focused on critical issues. |
|
We also need this feature. If you have a vision, how it should be configured - I could take this task. Right now I see it as new setup page (Notifications -> Severity Mapping) which will have such a grid:
I'm not sure if it's OK to tag @nscuro , sorry if it's not. But I'm ready to help with this one. Thanks! |
|
PR's posted @nscuro |
Current Behavior
I can configure an alert notification for newly detected vulnerabilities.
Proposed Behavior
Currently, it is possible to configure a notification when a new vulnerability is detected. I would like to be able to trigger an alert notification only when the severity level is critical or high.
Checklist
The text was updated successfully, but these errors were encountered: