0.1.3 • Published 10 months ago

ssvc v0.1.3

License: MIT | Repository: github | Last release: 10 months ago

TypeScript implementation of SSVC (Stakeholder-Specific Vulnerability Categorization)


A prioritization framework for triaging CVE vulnerabilities, as an alternative or complement to CVSS.

This library provides a complete implementation of the SSVC framework for both the CISA and FIRST methodologies. It includes examples of high, medium, and low severity decision prioritizations for each methodology.

Installation

npm install ssvc

Decision Trees

CISA decision tree (image)

FIRST decision tree (image)

Decision Class Usage Guide

The Decision class is used to evaluate cybersecurity decisions based on different methodologies. This guide demonstrates how to use the class with both CISA and FIRST methodologies.

Importing the Necessary Components

First, import the required classes and enums:

import { 
  Decision, 
  Exploitation, 
  Automatable, 
  Utility,
  TechnicalImpact, 
  MissionWellbeingImpact,
  SafetyImpact, 
  Methodology 
} from 'ssvc';

Note: the Decision constructor also accepts string inputs in place of the enum values; the examples below show both forms.

CISA Methodology Examples

// High severity: actively exploited, automatable, total technical impact, high mission impact
const cisaHigh = new Decision({
  methodology: Methodology.CISA,
  exploitation: Exploitation.ACTIVE,
  automatable: Automatable.YES,
  technical_impact: TechnicalImpact.TOTAL,
  mission_wellbeing: MissionWellbeingImpact.HIGH
});
console.log(cisaHigh.evaluate());
// Expected output: OutcomeCISA { action: 'Act', priority: 'immediate' }

// The same decision expressed with string inputs instead of enum members
const cisaStringInputs = new Decision({
  methodology: 'CISA',
  exploitation: 'active',
  automatable: 'yes',
  technical_impact: 'total',
  mission_wellbeing: 'high'
});
console.log(cisaStringInputs.evaluate());
// Expected output: OutcomeCISA { action: 'Act', priority: 'immediate' }

// Medium severity: proof-of-concept only, not automatable, partial impact, medium mission impact
const cisaMedium = new Decision({
  methodology: Methodology.CISA,
  exploitation: Exploitation.POC,
  automatable: Automatable.NO,
  technical_impact: TechnicalImpact.PARTIAL,
  mission_wellbeing: MissionWellbeingImpact.MEDIUM
});
console.log(cisaMedium.evaluate());
// Expected output: OutcomeCISA { action: 'Track*', priority: 'medium' }

FIRST Methodology Examples

// High severity: actively exploited, super-effective utility, total impact, catastrophic safety impact
const firstHigh = new Decision({
  methodology: Methodology.FIRST,
  exploitation: Exploitation.ACTIVE,
  utility: Utility.SUPER_EFFECTIVE,
  technical_impact: TechnicalImpact.TOTAL,
  safety_impact: SafetyImpact.CATASTROPHIC
});
console.log(firstHigh.evaluate());
// Expected output: OutcomeFIRST { action: 'immediate', priority: 'immediate' }

Example 3: Low Severity Case

// FIRST methodology with string inputs instead of enum members
const firstStringInputs = new Decision({
  methodology: 'FIRST',
  exploitation: 'poc',
  utility: 'efficient',
  technical_impact: 'partial',
  safety_impact: 'major'
});
console.log(firstStringInputs.evaluate());
// Expected output: OutcomeFIRST { action: 'out-of-band', priority: 'medium' }
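Because the constructor accepts plain strings, triage tooling that feeds it from a spreadsheet, ticket field or JSON feed should allow-list every decision point before calling evaluate(): a misspelled or missing value must be rejected loudly rather than silently producing a lower priority. The following is an added example, not code from the ssvc library. It normalizes an external record into the string form shown in the examples above and checks that each methodology receives exactly its own decision points. The values 'active', 'poc', 'yes', 'no', 'total', 'partial', 'high', 'medium', 'efficient' and 'major' appear on this page; the remaining values ('none', 'low', 'laborious', 'super effective', 'negligible', 'minor', 'hazardous', 'catastrophic') are taken from the SSVC specification and are an assumption about what the library accepts, as is the spacing of 'super effective'. The function names, the sample records and the record ids are this example's own.

```typescript
// Added example: strict allow-list normalization of external triage input into
// the string inputs the ssvc Decision constructor accepts. Not library code.

type Methodology = "CISA" | "FIRST";

// Allowed values per decision point, all lower case. Values not shown on the
// README page are assumed from the SSVC specification.
const VALUES: Record<string, readonly string[]> = {
  exploitation: ["none", "poc", "active"],
  automatable: ["no", "yes"],
  technical_impact: ["partial", "total"],
  mission_wellbeing: ["low", "medium", "high"],
  utility: ["laborious", "efficient", "super effective"],
  safety_impact: ["negligible", "minor", "major", "hazardous", "catastrophic"],
};

// Decision points each methodology requires, as used in the README examples.
const REQUIRED: Record<Methodology, readonly string[]> = {
  CISA: ["exploitation", "automatable", "technical_impact", "mission_wellbeing"],
  FIRST: ["exploitation", "utility", "technical_impact", "safety_impact"],
};

export interface NormalizedInput {
  methodology: Methodology;
  [point: string]: string;
}

export interface NormalizeResult {
  ok: boolean;
  input?: NormalizedInput;
  errors: string[];
}

// Turn one external record into constructor input, or a list of reasons it was rejected.
export function normalizeDecisionInput(raw: Record<string, unknown>): NormalizeResult {
  const errors: string[] = [];
  const meth = String(raw.methodology ?? "").trim().toUpperCase();
  if (meth !== "CISA" && meth !== "FIRST") {
    return { ok: false, errors: [`unknown methodology: ${JSON.stringify(raw.methodology)}`] };
  }
  const methodology = meth as Methodology;
  const input: NormalizedInput = { methodology };
  for (const point of REQUIRED[methodology]) {
    const value = raw[point];
    if (typeof value !== "string" || value.trim() === "") {
      // A missing point is an error, never a default: defaults hide mis-triage.
      errors.push(`${point}: missing (required for ${methodology})`);
      continue;
    }
    // Canonicalize case and the underscore/hyphen spellings some feeds use.
    const canon = value.trim().toLowerCase().replace(/[_-]+/g, " ");
    if (!VALUES[point].includes(canon)) {
      errors.push(`${point}: unexpected value ${JSON.stringify(value)}`);
      continue;
    }
    input[point] = canon;
  }
  // Decision points belonging to the other methodology are flagged rather than dropped.
  for (const k of Object.keys(raw)) {
    if (k !== "methodology" && k in VALUES && !REQUIRED[methodology].includes(k)) {
      errors.push(`${k}: not a ${methodology} decision point`);
    }
  }
  return errors.length ? { ok: false, errors } : { ok: true, input, errors };
}

export interface TriageBatch {
  accepted: { id: string; input: NormalizedInput }[];
  rejected: { id: string; errors: string[] }[];
}

// Split a batch of records into inputs ready for `new Decision(input).evaluate()`
// and records that need a human to fix them first.
export function partitionRecords(records: Record<string, unknown>[]): TriageBatch {
  const batch: TriageBatch = { accepted: [], rejected: [] };
  for (const rec of records) {
    const id = String(rec.id ?? "<no id>");
    const res = normalizeDecisionInput(rec);
    if (res.ok && res.input) batch.accepted.push({ id, input: res.input });
    else batch.rejected.push({ id, errors: res.errors });
  }
  return batch;
}

// Constructed sample records (placeholder ids, not real CVEs), e.g. rows from a triage sheet.
export const SAMPLE_RECORDS: Record<string, unknown>[] = [
  { id: "EXAMPLE-1", methodology: "cisa", exploitation: "Active", automatable: "yes",
    technical_impact: "total", mission_wellbeing: "high" },
  { id: "EXAMPLE-2", methodology: "FIRST", exploitation: "poc", utility: "efficient",
    technical_impact: "partial", safety_impact: "major" },
  { id: "EXAMPLE-3", methodology: "CISA", exploitation: "active", automatable: "yes",
    technical_impact: "total" },                               // mission_wellbeing missing
  { id: "EXAMPLE-4", methodology: "CISA", exploitation: "weaponised", automatable: "yes",
    technical_impact: "total", mission_wellbeing: "high" },    // value outside the allow-list
];

const batch = partitionRecords(SAMPLE_RECORDS);
console.log(`accepted ${batch.accepted.length}, rejected ${batch.rejected.length}`);
for (const r of batch.rejected) console.log(r.id, r.errors.join("; "));
```

With the library installed, each accepted entry is passed straight through as `new Decision(entry.input).evaluate()`; the rejected list is what a reviewer sees instead of a quietly wrong outcome.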
Version history

0.1.3 (10 months ago)
0.1.2 (10 months ago)
0.1.1 (11 months ago)
0.1.0 (11 months ago)
0.0.1 (11 months ago)