Vulnerability Ticket Creation

Project-Agent-trust-merge / library/workflows/vuln-ticket-creation/README.md


Automates vulnerability ticket creation by pulling findings from Wiz and Qualys, deduplicating across sources, and creating prioritized Jira tickets.

Maturity: L3-4 (Enforced to Governed)  ·  See the 5-level maturity model for where this workflow fits in your program.

What It Does

  1. Pulls critical and high-severity vulnerabilities from Wiz (cloud/container findings)
  2. Pulls critical and high-severity vulnerabilities from Qualys (host-based findings)
  3. Deduplicates findings across both sources using CVE ID and asset matching
  4. Calculates a unified priority score based on severity, exploitability, and asset criticality
  5. Creates prioritized Jira tickets with full context from both sources

Time Saved

Before: 3-5 hours/week — vulnerability analyst manually exports from two consoles, cross-references in a spreadsheet, creates Jira tickets one by one.

After: Automated deduplication and ticket creation. Analyst reviews the created tickets for accuracy.

Connectors

| Connector | Operations | Risk |
|-----------|-----------|------|
| Wiz | findings:read | LOW |
| Qualys | vulnerabilities:read | LOW |
| Jira | issues:create | MEDIUM |

Overall Risk: MEDIUM — Jira issues:create creates tickets. No destructive actions.

ARX Governance

  • HITL Gate: Disabled — all operations are reads or non-destructive creates
  • Risk Threshold: 70 — auto-approved below this score
  • Audit Trail: Every vulnerability processed, deduplication decision, and ticket created is logged
  • Schedule: Daily at 6 AM (0 6 * * *)

Setup

Prerequisites

```bash
pip install arx
```

Environment Variables

```bash
export WIZ_CLIENT_ID="your-wiz-client-id"
export WIZ_CLIENT_SECRET="your-wiz-client-secret"
export QUALYS_API_URL="https://qualysapi.qualys.com"
export QUALYS_USERNAME="your-qualys-username"
export QUALYS_PASSWORD="your-qualys-password"
export JIRA_URL="https://your-org.atlassian.net"
export JIRA_API_TOKEN="your-jira-api-token"
export JIRA_PROJECT_KEY="VULN"
```

Run

```bash
# One-time execution
arx run workflow.py

# Register on schedule
arx register --config arx.yaml
```

Customization

  • Adjust severity filters for each source
  • Configure the priority scoring weights
  • Modify Jira project key, issue type, and custom fields
  • Add additional vulnerability sources by extending the normalize functions
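
An added example (not the project's `workflow.py`) of steps 3 and 4 under What It Does and of the normalize functions and scoring weights named under Customization. The raw field names, the weights and the severity scale are assumptions, and the `CVE-0000-…` identifiers and hostnames are constructed placeholders; the page specifies none of them.

```python
import re

# Hypothetical weights and scale: the page names the three inputs, not their values.
WEIGHTS = {"severity": 0.5, "exploitability": 0.3, "asset_criticality": 0.2}
SEVERITY = {"HIGH": 0.7, "CRITICAL": 1.0}
CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")

def asset_key(name):
    """Lower-case and drop the domain so 'WEB-01.corp.example' matches 'web-01'."""
    return name.strip().lower().split(".")[0]

def normalize(source, raw):
    """Map one raw finding (assumed field names) to a common record, or None if unusable."""
    cve = str(raw.get("cve", "")).strip().upper()
    sev = str(raw.get("severity", "")).strip().upper()
    if not CVE_RE.match(cve) or sev not in SEVERITY or not raw.get("asset"):
        return None  # no CVE ID or asset means no key to deduplicate on
    return {"cve": cve, "asset": asset_key(raw["asset"]), "severity": sev,
            "exploit_known": bool(raw.get("exploit_known", False)),
            "criticality": float(raw.get("criticality", 0.5)), "sources": {source}}

def deduplicate(findings):
    """Merge records sharing (CVE, asset); keep the worst value seen for each field."""
    merged = {}
    for f in findings:
        cur = merged.setdefault((f["cve"], f["asset"]), f)
        if cur is not f:
            cur["sources"] |= f["sources"]
            cur["severity"] = max(cur["severity"], f["severity"], key=SEVERITY.get)
            cur["exploit_known"] |= f["exploit_known"]
            cur["criticality"] = max(cur["criticality"], f["criticality"])
    return list(merged.values())

def priority(f):
    """Weighted 0-100 score from severity, exploitability and asset criticality."""
    parts = {"severity": SEVERITY[f["severity"]],
             "exploitability": 1.0 if f["exploit_known"] else 0.0,
             "asset_criticality": f["criticality"]}
    return round(100 * sum(WEIGHTS[k] * v for k, v in parts.items()))

def plan_tickets(wiz_raw, qualys_raw):
    recs = [normalize("wiz", r) for r in wiz_raw] + [normalize("qualys", r) for r in qualys_raw]
    return sorted(deduplicate([r for r in recs if r]), key=priority, reverse=True)

# Constructed sample input (not real scanner output).
WIZ = [{"cve": "CVE-0000-00001", "asset": "WEB-01.corp.example", "severity": "high", "criticality": 0.9},
       {"cve": "CVE-0000-00002", "asset": "db-01", "severity": "critical", "exploit_known": True}]
QUALYS = [{"cve": "cve-0000-00001", "asset": "web-01", "severity": "CRITICAL", "exploit_known": True},
          {"cve": "", "asset": "web-02", "severity": "HIGH"}]
```

Stripping the domain in `asset_key` can merge two distinct hosts that share a short name, so key on a stable instance identifier instead when both sources report one.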