How to incorporate exploitation information into GSD about gsd-tools HOT 6 CLOSED

The GSD supports namespaces, so if you want to chuck everything into the "inthewild.io": {} namespace that is easiest, our data is licensed CC0 1.0 Universal so I'm not sure how that intersects with the Apache 2 that you use, effectively by submitting you'd have to allow the license to be CC0 1.0 Universal for us to republish it (I don't want to start "sublicensing" or whatever the term would be for the different namespaces/data).

As far as starting out do you want to do some test PR's so we can see what the data looks like, and figure out how to best automated this?

from gsd-tools.

Hey @kurtseifried what should I do the PR against, where to add this?
Probably this format would be the easiest. https://inthewild.io/api/exploited
On the other hand I'm not sure what information you think should belong here: just a yes/no with a reference?

from gsd-tools.

I would say the more data the better, e.g. having the times, and then the link to your site (e.g. https://inthewild.io/vuln/CVE-2020-28949) would be good, basically the more structured data you can send us the better, we are also in the process of having a schema validator that will ensure namespaces that support a schema (e.g. nvd.nist.gov uses the NVD schema for their data) so if you have a schema for your data we can also ensure it is correct on submission.

As far as how to get the data in we're doing PR's for now but longer term we will be doing an API for both read and write.

from gsd-tools.

where should we add data specifically?

from gsd-tools.

So we map GSD to CVE #'s 1:1, e.g. CVE-2020-28949 is GSD-2020-28949, this makes it really easy to find/update/etc. so https://github.com/cloudsecurityalliance/gsd-database/blob/main/2020/28xxx/GSD-2020-28949.json

As for where in the file we support namespacing, so your data would look like adding the following keys:

{
    "namespaces": {
        "inthewild.io": {
            "id": "CVE-2020-28949",
            "earliestReport": "2022-08-25T00:00:00.000Z",
            "references": [
                "https://inthewild.io/vuln/CVE-2020-28949"
            ]
        }
    }
}

so your data, a link to the reference for more info/source/etc.

from gsd-tools.

I've added this to the landscape document in #203.

@gmatuz, if you'd still like help with this, let me know. As mentioned by @kurtseifried, it would be fairly simple to add your data under a namespace using whatever scripting language of your choosing. We're also working on an API as well.

Closing out for now.

from gsd-tools.