[feature] data mine the local XML or parse RHSA web data
Closed this issue · 3 comments
cedwards commented
tl;dr: MOAR data
There's a lot of useful information that we could use to dashboard CVE data, we just aren't mining it yet. Let's mine it for items like:
Advisory: RHSA-2015:0066-2
Type: Security Advisory
Severity: Moderate
Issued on: 2015-01-20
Last updated on: 2015-01-21
Package(s): foo foo-bar foo-baz
... and anything else we can come up with.
dgmorrisjr commented
Agreed! I was thinking the same thing when i saw the output from the scan example in slack that you posted. Definitely the severity and packages are very important.
dgmorrisjr commented
Possibly include some data in the header - this will be useful for comparing scans that are run at different times:
Date Scanned: YYYYMMDD
Definition File: <name of the xml>
Checked #### vulnerabilities
### Vulnerabilities Found
###% Compliant
CVSS Score:
basepi commented
It appears we will probably be deprecating the original cve_scan module in favor of v2. I'm going to close this issue as a result.