Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Framework for evaluating vulnerability rankings #10

Open
4 of 8 tasks
cunha opened this issue Oct 21, 2023 · 4 comments
Open
4 of 8 tasks

Framework for evaluating vulnerability rankings #10

cunha opened this issue Oct 21, 2023 · 4 comments
Assignees

Comments

@cunha
Copy link
Member

cunha commented Oct 21, 2023

We need a Web framework to get feedback from network operators. This will be essential in getting information to train the ML models in the future.

  • Build Web interface to show vulnerabilities
    • Vulnerability descriptions
    • Severity (CVSS v2 or v3)
    • Priority selector (for all our rankings)
  • Implement feedback mechanisms on priority
    • Let operators indicate that the ranking should be higher/lower than another vulnerability
    • Let operators assign an absolute priority
    • Brainstorm other feedback mechanisms
@cunha
Copy link
Member Author

cunha commented Dec 1, 2023

  • Limit rankings to X (e.g., X = 20) worst CVSS
  • Add "adjust" buttons (arrow up, OK, arrow down)
  • Remove "Save Ranking" button; implement autosave

@cunha
Copy link
Member Author

cunha commented Dec 1, 2023

  • Replace IP with server description
  • Remove duplicate entries (Shodan banners host:port:module that have identical data)

@cunha
Copy link
Member Author

cunha commented Dec 29, 2023

  • Show information when mouse hovers over buttons
  • Show organization and other information on the initial table to provide context
    • Check with Lucas Ponce how to get organization information
  • Sort graph on server details page
  • Pre-load CVEs with the highest CVSS scores

@cunha
Copy link
Member Author

cunha commented Dec 29, 2023

  • Think about how we are going to deploy this continually

@cunha cunha mentioned this issue Dec 29, 2023
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants