Open iFrozenPhoenix opened 3 months ago
Hey @iFrozenPhoenix we've found a workaround for the moment (assuming you want to map the CWEs to the CVEs existing in NVD https://cwe.mitre.org/data/definitions/1003.html):
Would that work for you at the moment? If not could you maybe in more details what is not satisfactory in regards of your use case ?
@nino-filigran yes this could work for the moment. Are there plans to add CWEs to the Platform?
Not at the moment, unless we get more requests on this topics/if the workaround does not answer fully your use case. soon, we'll work on ensuring that organisation can understand their vulnerabilities (by being better at linking CVEs and CPEs, to provide a proper feature of vulnerability assesment). This is more the direction that we're looking at at the moment.
@nino-filigran that sounds really interesting. Can you tell a bit more what you mean with vulnerability assessment? I know that you focus on linking cpes to cves and also strive for an asset management integration, tenable if I remember correct.
Use case
Analyzing the cause of a vulnerability. This would allow to prioritize and eventually allow for mitigation in cases where there is no official fix for the vulnerability (0 day).
Current Workaround
Managing Vulnerabilities and their CWEs additionally in an external database outside OpenCTI.
Proposed Solution
New Entity Type Weakness (Analog to attack pattern). This vulnerability can then be related to the weakness with a has relationship.
Additional Information
NA
If the feature request is approved, would you be willing to submit a PR?
Yes / No (Help can be provided if you need assistance submitting a PR)