Coder Social home page Coder Social logo

cvd's Introduction

cvd

Coordinated Vulnerability Disclosure

This CVD repository is an implementaion of CVD Guide guidance document. The CVD guidance document highlights various phases of a CVD as Discovery, Reporting, Triage, Remediation, Public Awareness followed by Deployment. There are also Roles defined in CVD that identifies several stakeholders intergral to the defined CVD process. Below is a quick overview of these phases in a tabular form.

Phases/Roles Finder Reporter Vendor Coordinator Deployer
Discovery Finds Vulnerabilities - - - -
Reporting Prepares Report Reports Vulnerabilities Receives Reports Receives Report, Assists Reporting -
Triage - Validates and Prioritizes report for response Prepares pacthces, Develops advisory Validates reports receive and Priorit -
Remediation - Confirms Fix Prepares patches, Develops advisory Coordinates multiparty response, Develops advisory -
Public Awareness Publishes report Publishes report Publishes report Publishes report Receives Report
Deployment - - - Monitors Deployment Deploys fixes and/or mitigations

This repostiory attempts to build a machine that will follow CVD process providing both CVD data schemas and related CVD processing engines that will carry us through these phases. The diagram below and the related table are ongoing work in this area to create a schema and a machine that will process the schema and advance CVD through its phases. Alt text

Input Processing-Engine Output Audience
Vendor_search Discovery-Engine Report_methods Finder
Vul_report Reporting-Service Vul_report Coordinator
Vul_report Triage-Manager Vul_coordinate Finder,Coordinator,Vendor
Vul_coordinate Remediation-Broker Vul_remediate Finder,Coordinator,Vendor
Vul_remediate Publishing-Service Vul_notice All
Vul_notice Deployment-Tracker Vul_metrics All

cvd's People

Contributors

sei-vsarvepalli avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.