Automated CVE Intelligence: Pulls data from Digital Shadows, CISA Known Exploited Vulnerabilities, CVSS scoring, third party plugins, and third-party sources.
Automated Record Creation: Automatically generates vulnerability records when specific criteria are met—such as matching known exploited vulnerabilities (e.g., CISA KEV) or exceeding severity thresholds.
Auto-Closure of Stale Records: Automatically closes records when no active findings are detected over a configurable period, reducing noise and maintaining a clean, actionable backlog.
Real-Time Finding Synchronization: Continuously updates the count of associated vulnerability findings, including those identified across other instances running Vulnerability Response.
Flexible flows: Supports escalation, de-escalation approval flows
Automated Notifications: Notifications are triggered automatically for escalation approvals and general updates
Role-Based Access Control (RBAC)
- TEVA Users: Create and view TEVA records with limited access.
- TEVA Managers: Access investigator-specific sections of a case.
- TEVA Admins: Full control over TEVA, configurations, and notifications and second level approvals.
Catalog Integration: Users can submit TEVA requests directly from the Service catalog interface using CVE identifiers.