You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We discussed about the idea of having collections/sets of vulnerabilities.
Basically a collection has a name and a set of vulnerabilities.
The set of vulnerabilities can be cherry picked manually or via expressions created by the user (key/value) which will result in a dynamic collection. This can lead to nested queries in JSON objects. For example if we want the collection of vulnerabilities with an attackComplexity set to LOW. Just as example...
Maybe first implement static collections.
The text was updated successfully, but these errors were encountered:
Maybe the easiest would be a very simple approach like we do for misp-galaxy. We have a set of keys for the collection like name, description, creator, last_updated, list_of_vulnerability_references and then a meta which could contain additional field set locally by the contributor.
I just created a new branch dedicated to the development of the bundles feature. The draft JSON schema is here.
It is quite close to the JSON schema for the comments, here.
The main difference is that the array related_vulnerabilities is now mandatory.
I remove the filed ''vulnerability''
Comments have ''name''. Whereas bundles have a ''title''. The terminology is slightly different. But I can use the same terminology if you think that it's best.
We discussed about the idea of having collections/sets of vulnerabilities.
Basically a collection has a name and a set of vulnerabilities.
The set of vulnerabilities can be cherry picked manually or via expressions created by the user (key/value) which will result in a dynamic collection. This can lead to nested queries in JSON objects. For example if we want the collection of vulnerabilities with an
attackComplexity
set toLOW
. Just as example...Maybe first implement static collections.
The text was updated successfully, but these errors were encountered: