Your Cart
Loading
Only -1 left

Endpoint Risk Aggregator – Score Endpoint Threats with Asset Weighting & Playbooks

On Sale
A$45.00
A$45.00
Added to cart

πŸ‘€ Who it’s for

Security teams, SOC analysts, and small-to-mid IT teams looking to automatically assess endpoint risk by combining known vulnerabilities with internal asset value and dynamic threat indicators.

Perfect for teams using Google Sheets or CSV asset inventories who want to prioritize incidents based on true business risk β€” not just raw CVE scores.


βš™οΈ How it works / What it does

  • Fetches endpoint-specific CVE data from prior modules or external feeds
  • Loads enriched internal asset inventory (IP, department, criticality, etc.)
  • Calculates risk score using a weighted formula:
  • (CVE severity Γ— Asset risk rating Γ— Exposure coefficient)
  • Applies custom playbook rules to determine action level (Notify / Investigate / Isolate)
  • Outputs filtered, triaged list of high-risk endpoints
  • Logs results to active and historical threat sheets
  • Sends summary email alerts based on final triaged list

πŸ› οΈ How to set up

  1. Google Sheets:
  2. Connect your enriched asset inventory and endpoint vulnerability input sheets
  3. using your OAuth2 credentials
  4. Edit Thresholds:
  5. Adjust scoring logic or thresholds in the β€œπŸ”Ž Risk Score Calculator” node
  6. Email Alerts:
  7. Add your sender credentials and customize recipient address list
  8. Automation Trigger:
  9. Optional: Add a Cron node or Webhook to run this aggregator hourly/daily
  10. Review sticky notes:
  11. All logic is labeled clearly with setup instructions

πŸ“‹ Requirements

  • Google account + access to n8n Google Sheets integration
  • Vulnerability scan output (from CyberScan or external CVE feed)
  • Enriched asset inventory with basic scoring fields (asset value, criticality)
  • SMTP or email alert service (optional)

🧩 How to customize the workflow

  • Replace Google Sheets with Supabase, Airtable, or internal DB
  • Add columns for department ownership, system type, or live agent signals
  • Integrate with EDR/XDR system or incident tracking tool
  • Expand the playbook to include automatic isolation triggers

πŸ“¦ This is a clean, production-ready version with no sensitive data.

Placeholders are clearly marked.


πŸ” This module is part of the CYBERPULSEBlueOps Pro Pack.

Get access to advanced automation, isolation triggers, full asset triage logic, and instant download at

πŸ‘‰ cyberpulsesolutions.com/blueops

You will get the following files:
  • JSON (7KB)
  • XLSX (5KB)
  • MD (2KB)