vFeed API 0.6.8 introduction of WASC v2.0 Mapping
vFeed Framework is a CVE, CWE and OVAL Compatible naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML/JSON schema.
It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other standards and security references.
The associated vFeed.db (The Correlated Vulnerability and Threat Database) is a detective and preventive security information repository used for gathering vulnerability and mitigation data from scattered internet sources into an unified database.
Changelog 0.6.8
- Added support to CAPEC version 2.8. Check about CAPEC v2.8.
- Added support to CWE v2.9. Check the full changelog.
- Added mapping to WASC v2.0 Threat Classification.
- Added CVSS v2.0 vectors to
risk.py
class. Now, the methodsget_cvss
andget_severity
display the vector when available. - Added new method
get_wasc
to reflect the new mapping with WASC v2.0. The method returns ID, Title and URL when available. - Modified the method
get_capec
to return the following:- The title
- Method of Attacks
- Mitigations
- Reflected the changes in
cvsexports.sql
MongoDB script to generate the new added tables. - vFeed.db the correlated vulnerability & threat database fully regenerated to support the new changes.
- Documentation updated accordingly.
[button size=large style=round color=red align=none url=https://github.com/toolswatch/vFeed ]Get IT Now !! [/button]