Published on June 6th, 2016 | by NJ Ouchn3
vFeed API 0.6.8 introduction of WASC v2.0 Mapping
vFeed Framework is a CVE, CWE and OVAL Compatible naming scheme concept that provides extra structured detailed third-party references and technical characteristics for a CVE entry through an extensible XML/JSON schema.
It also improves the reliability of CVEs by providing a flexible and comprehensive vocabulary for describing the relationship with other standards and security references.
The associated vFeed.db (The Correlated Vulnerability and Threat Database) is a detective and preventive security information repository used for gathering vulnerability and mitigation data from scattered internet sources into an unified database.
- Added support to CAPEC version 2.8. Check about CAPEC v2.8.
- Added support to CWE v2.9. Check the full changelog.
- Added mapping to WASC v2.0 Threat Classification.
- Added CVSS v2.0 vectors to
risk.pyclass. Now, the methods
get_severitydisplay the vector when available.
- Added new method
get_wascto reflect the new mapping with WASC v2.0. The method returns ID, Title and URL when available.
- Modified the method
get_capecto return the following:
- Reflected the changes in
cvsexports.sqlMongoDB script to generate the new added tables.
- vFeed.db the correlated vulnerability & threat database fully regenerated to support the new changes.
- Documentation updated accordingly.