Automation definitions

This document provides an overview of the Automations feature in Invicti Platform. For information about adding, editing, and deleting automations, refer to Create new automation and Update, clone, or disable automations.

What are automations?

Automations let you define how Invicti interacts with your other systems based on the rules that you define. Those rules are created by specifying a scope and the events within that scope that will trigger actions. Therefore, a single automation consists of a scope, a list of events, and a list of actions (for each event).

Some examples of automations are:

• If a scan is started or fails, send an email notification
• If a vulnerability is found, create an issue in your Issue Tracker

What is a scope?

Automations are bound to a scope. The scope defines the target or target groups for your automation, and the scope is what an event belongs to. For instance, an automation scope could be all targets, specific target groups, or a set of specified targets.

What is an event?

Invicti listens for events to determine when to trigger the automation actions you define. An event could be when a scan completes or fails or when a vulnerability is found. You can set up multiple events for one automation.

What are actions?

The actions you define are what will happen when a specified event is triggered within the selected scope of the automation. These actions can either send an email notification to specified recipients or send the vulnerability to an integrated issue tracker. Note that you first need to have integrated your issue tracker with Invicti.

Who can view and manage automations?

Full access for the creation of automations is restricted to the administrator and owner roles.