Advanced Notifications Configuration¶
Advanced notification rules for vulnerability severity, risk score, and open-duration thresholds.
Overview¶
Advanced notifications provide proactive alerting based on vulnerability severity, risk scores, and the duration vulnerabilities remain open. These rules run daily at 2:00 AM GMT and evaluate all vulnerabilities across workspaces the user has access to.
Key Characteristics¶
| Feature | Detail |
|---|---|
| Rule count | 6 configurable rules |
| Execution schedule | Daily at 2:00 AM GMT |
| Delivery channels | In-App, Email, Slack |
| Configuration scope | Per-user settings |
| Configuration location | Notifications > Advanced tab |
| Requires | Corporate License |
Accessing Advanced Notifications¶
- Navigate to the Notifications section in the left panel.
- Click the Advanced tab.
Notification Rules¶
Rule 1: New High/Critical Severity Vulnerability¶
Triggered when a new vulnerability with High or Critical severity is detected in a workspace.
Note: This rule triggers on new vulnerability creation, not on existing vulnerabilities that are reclassified.
Rule 2: Risk Score Threshold¶
Triggered when a vulnerability with a risk score greater than the specified value is detected.
Example: Set threshold to 7 to receive notifications for any
vulnerability with a risk score exceeding 7.
Rule 3: Critical Severity — Open Duration¶
Triggered when a critical severity vulnerability has been open for more than the specified number of days.
Rule 4: High Severity — Open Duration¶
Triggered when a high severity vulnerability has been open for more than the specified number of days.
Rule 5: Medium Severity — Open Duration¶
Triggered when a medium severity vulnerability has been open for more than the specified number of days.
Rule 6: Low Severity — Open Duration¶
Triggered when a low severity vulnerability has been open for more than the specified number of days.
How to Configure¶
- Enable the rule: Toggle the switch to enable the desired notification type.
- Set threshold or days: Enter the threshold value (for risk score) or the
number of days (for open duration rules). For example, set the risk score
threshold to
7to be notified about vulnerabilities with risk scores above 7. - Select delivery channels: Choose one or more notification channels:
- In-App: Notification appears in the Faraday Notification Bell.
- Email: Notification is sent to the email address on your user account (requires SMTP configuration — see Notifications Settings).
- Slack: Notification is sent as a DM to your Slack account (requires Slack integration — see Configure Slack Notifications).
Execution Schedule¶
Advanced notification rules are evaluated on a daily schedule at 2:00 AM GMT. This means:
- Open-duration rules check all open vulnerabilities once per day.
- A vulnerability that crosses the day threshold will trigger a notification on the next 2 AM run.
- New high/critical severity and risk score threshold rules also evaluate during this daily run.
- Notifications are not sent in real-time for advanced rules; they batch on the daily schedule.
Configuration Summary Table¶
| Rule | Trigger | Configurable Parameter |
|---|---|---|
| High/Critical severity | New vulnerability with high or critical severity | — (no threshold) |
| Risk score threshold | Vulnerability risk score exceeds value | Threshold value (integer) |
| Critical open duration | Critical vuln open > N days | Days (integer) |
| High open duration | High vuln open > N days | Days (integer) |
| Medium open duration | Medium vuln open > N days | Days (integer) |
| Low open duration | Low vuln open > N days | Days (integer) |
