feat(docs): Add comprehensive documentation for Vexer, Vulnerability Explorer, and Zastava modules

- Introduced AGENTS.md, README.md, TASKS.md, and implementation_plan.md for Vexer, detailing mission, responsibilities, key components, and operational notes. - Established similar documentation structure for Vulnerability Explorer and Zastava modules, including their respective workflows, integrations, and observability notes. - Created risk scoring profiles documentation outlining the core workflow, factor model, governance, and deliverables. - Ensured all modules adhere to the Aggregation-Only Contract and maintain determinism and provenance in outputs.
2025-10-30 00:09:39 +02:00
parent 3154c67978
commit 7b5bdcf4d3
503 changed files with 16136 additions and 54638 deletions
--- a/docs/modules/notify/resources/samples/notify-rule@1.sample.json
+++ b/docs/modules/notify/resources/samples/notify-rule@1.sample.json
@@ -0,0 +1,63 @@
+{
+  "schemaVersion": "notify.rule@1",
+  "ruleId": "rule-secops-critical",
+  "tenantId": "tenant-01",
+  "name": "Critical digests to SecOps",
+  "description": "Escalate KEV-tagged findings to on-call feeds.",
+  "enabled": true,
+  "match": {
+    "eventKinds": [
+      "scanner.report.ready",
+      "scheduler.rescan.delta"
+    ],
+    "namespaces": [
+      "prod-*"
+    ],
+    "repositories": [],
+    "digests": [],
+    "labels": [],
+    "componentPurls": [],
+    "minSeverity": "high",
+    "verdicts": [],
+    "kevOnly": true,
+    "vex": {
+      "includeAcceptedJustifications": false,
+      "includeRejectedJustifications": false,
+      "includeUnknownJustifications": false,
+      "justificationKinds": [
+        "component-remediated",
+        "not-affected"
+      ]
+    }
+  },
+  "actions": [
+    {
+      "actionId": "email-digest",
+      "channel": "email:soc",
+      "digest": "hourly",
+      "template": "digest",
+      "enabled": true,
+      "metadata": {
+        "locale": "en-us"
+      }
+    },
+    {
+      "actionId": "slack-oncall",
+      "channel": "slack:sec-ops",
+      "template": "concise",
+      "throttle": "PT5M",
+      "metadata": {},
+      "enabled": true
+    }
+  ],
+  "labels": {
+    "team": "secops"
+  },
+  "metadata": {
+    "source": "sprint-15"
+  },
+  "createdBy": "ops:zoya",
+  "createdAt": "2025-10-19T04:12:27+00:00",
+  "updatedBy": "ops:zoya",
+  "updatedAt": "2025-10-19T04:45:03+00:00"
+}