Within the FortiSOAR Alerts module, a scenario illustrates an alert generated under the category of Type Certificate Monitoring. Upon accessing the demo alert, it becomes evident that the alert exemplifies a case where a certificate issue was detected on a specific asset through a FortiRecon EASM scan. This specific alert falls under the classification of "Certificate Monitoring" type.
Within the reported alert is an array of vital Certificate Issue Details. These details encompass essential information such as the Asset Name, Bucket, Bucket ID, Severity level, Status, User Name, Source, Source ID, and Type of issue.
To streamline and automate the response process, the dedicated response playbook titled "Certificate Issue Response" is triggered automatically. This playbook's execution is contingent upon the successful extraction and enrichment of all relevant indicators.
The core objective of the "Certificate Issue Response" playbook is to seamlessly manage the identified certificate problem associated with the asset. It achieves this by generating a ServiceNow ticket, which in turn initiates the resolution process, ensuring the timely mitigation of the issue at hand.
Ref: https://fortisoar.contenthub.fortinet.com//detail.html?entity=fortiReconEASM&version=1.0.0&type=solu...
