Our WSA-compliant CSAF documents do not require many of the fields contained within the current version of secvisogram.
Form-entry modifications can be split into three categories:
Fields to be Restricted
Fields to be Removed (unnecessary)
Fields to be Removed (autogenerated)
An example of each:
Restricted: The products section specifies products as a text-field, this should be pre-configured to a drop-down/radio button as WSA/WebSphere only consider WebSphere/Liberty/JDK bulletins.
Removed (unnecessary): There are various form fields which are not required by WSA, such as List of Threats under the vulnerabilities section.
Removed (autogenerated): Metadata fields, such as date generated.