blob: 1df170ab64d63bf66969fc74a8cd7fc94ce24b13 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
{% extends "base.html" %}
{% load static %}
{% load projecttags %}
{% load humanize %}
{% block title %} Export Report {% endblock %}
{% block pagecontent %}
<div class="row">
<div class="col-md-7" style="padding-left: 50px;">
<h1>Triage Incoming CVE's</h1>
</div>
</div>
<h2> Triage Filtering</h2>
<ul>
<li>A collection of filter keywords have been extracted from the last 10 years of CVE triaging</li>
<li>Each CVE is provided a list of matching positive keywords and matching negative keywords</li>
<li>Each CVE is also given a score to represent the balance of positive versus negative keywords</li>
<li>Here is keyword management page:</li>
</ul>
<a class="btn btn-info btn-lg" href="{% url 'keywords' %}">Manage Keyword Filters</a></td>
<h2> New CVEs Triage </h2>
<ul>
<li>Select a range of similar new incoming CVE's via scoring, string matches, and filters</li>
<li>You can then (a) review/sample them, (b) select all or some, and then (c) click a button to bulk assign them</li>
</ul>
<a class="btn btn-info btn-lg" href="{% url 'select-cves' %}">Incoming CVE Triage Page</a>
<h2> Updated CVEs Triage</h2>
<ul>
<li>Select a range of similar updated CVE's via scoring, string matches, and filters</li>
<li>You can then (a) review/sample them, (b) select all or some, and then (c) click a button to bulk assign them</li>
</ul>
<a class="btn btn-info btn-lg" href="{% url 'tbd' %}">Updated CVE Triage Page</a>
<h2> Guided Manual Triage </h2>
<ul>
<li>View each of the remaining ones, assign it, and after you save you are automatically passed to the next in that list</li>
</ul>
<h2> Automated Triage </h2>
<ul>
<li>Certain keywords can be given high values, which can then be used to automatically triage the obvious cases</li>
</ul>
<h2> Process for Accepted CVE's </h2>
<ul>
<li>Mark the CVE's new state</li>
<li>Create new Vulnerability</li>
<li>Selectively create product Investigations based on the available CPE's</li>
<li>Selectively create Defects (or wait till later), if the CVE is public</li>
</ul>
{% endblock %}
|
