displayName
CVE Response Coordination
workflowKind
security
triggerType
event-driven
typicalCadence
per-cve
complexity
cross-team
description
Coordinates the organization's response to newly disclosed CVEs affecting
its software stack -- monitoring advisory feeds (NVD, GitHub Security
Advisories, vendor bulletins), triaging by CVSS score and exploitability,
mapping affected CVEs to internal services via SBOM, prioritizing patching
by blast radius, coordinating emergency patch deployments, communicating
status to stakeholders, and tracking remediation to closure within SLA.
Excludes long-term vulnerability management strategy.