menu

Vulnerability Check & Triage Walkthrough

posted 1 min read

Use Kestra, Gemini, and Notion to automate a CVE (Common Vulnerabilities & Exposures) checker. Uses AI to get a little more assistance with triage.

Join me in this video walkthrough to see how you can build a similar solution and stay tuned until the end when I talk about pointers for what I would do to continue building or improve this!

2 Comments

Solid guide . One question how do you decide what’s actually exploitable vs just high severity on paper?

1 vote

@[Andrey Turkin] CISA does that for me with their KEV (Known Exploited Vulnerabilities) Catalog. These are known to have already been exploited in the wild. I realized after I was using this as a datasource that the AI would probably always evaluate these as a high priority and requiring immediate mitigation. Oh well.

You can also find lists that are "just" CVEs and look really severe, but can't be exploited due to a variety of things. This is where I would leverage the AI tools companies are giving access to their source code and work collaboratively to determine if it's exploitable in that particularly setup/configuration/environment/etc.

1

More Posts

Comparison: Universal Import vs. Plaid/Yodlee

Pocket Portfolio - Mar 12

My First Flow with Kestra.io

Amara Graham - Feb 6

The Interface of Uncertainty: Designing Human-in-the-Loop

Pocket Portfolio - Mar 10

Building a Self-Triaging CVE Checker with Gemini, Kestra, and Notion

Amara Graham - Apr 6

Security Testing for SDETs: Automate Vulnerability Scans with OWASP ZAP

bugnificentverified - Mar 28, 2025
chevron_left

More From Amara Graham

Sibling Rivalry? How to Make Kestra Tasks Talk to Each Other

What brings you by a conference booth?

Are you paying attention to your token use?

Related Jobs

View all jobs →

Commenters (This Week)

3 comments
1 comment
1 comment

Contribute meaningful comments to climb the leaderboard and earn badges!