consolidation of some of the modules, localization fixes, product advisories work, qa work
This commit is contained in:
master
@@ -0,0 +1,22 @@
|
||||
# Findings Ledger and Replay (Vulnerability Explorer)
|
||||
|
||||
The Findings Ledger is the append-only backbone for auditable triage. It records current finding state, history transitions, and operator actions in a way that supports deterministic replay and offline verification.
|
||||
|
||||
This document provides a conceptual overview; the authoritative schema and hashing rules are in the Findings Ledger module docs.
|
||||
|
||||
## What the Ledger Stores
|
||||
|
||||
- **Finding records:** enriched, policy-derived findings (with references to advisories/VEX/SBOM/reachability and explain traces).
|
||||
- **History:** append-only state transitions with actor identity, justification, and timestamps (UTC).
|
||||
- **Triage actions:** discrete operator actions (comment, assignment, mitigation note, ticket link) with immutable provenance.
|
||||
|
||||
## Replay and Verification
|
||||
|
||||
- Replay reconstructs derived state from append-only history/actions and compares deterministic digests.
|
||||
- Offline bundles include the ledger exports plus integrity metadata so auditors can verify without trusting a live service.
|
||||
|
||||
## References
|
||||
|
||||
- Findings Ledger schema: `docs/modules/findings-ledger/schema.md`
|
||||
- Merkle anchoring policy: `docs/modules/findings-ledger/merkle-anchor-policy.md`
|
||||
- Vulnerability Explorer dossier: `docs/modules/vuln-explorer/architecture.md`
|
||||
Reference in New Issue
Block a user