stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

more features checks. setup improvements

Browse Source
This commit is contained in:
master
2026-02-13 02:04:55 +02:00
parent 9911b7d73c
commit 9ca2de05df
675 changed files with 37550 additions and 1826 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
docs/features/checked/policy/epss-raw-feed-layer.md Normal file
View File

@@ -0,0 +1,36 @@
# EPSS Raw Feed Layer (Immutable Storage)
## Module
Policy
## Status
IMPLEMENTED
## Description
EPSS feed ingestion with CSV parsing, repository storage, and enrichment jobs. Database migrations exist for EPSS risk scores storage.
## Implementation Details
- **UnknownRanker Integration**: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownRanker.cs` -- uses EPSS scores in exploit pressure calculation
- EPSS >= 0.90: +0.30 exploit pressure factor
- EPSS >= 0.50: +0.15 exploit pressure factor
- `UnknownRankInput.EpssScore` (decimal 0.0-1.0) feeds into scoring
- **Risk Scoring Integration**: `src/Policy/StellaOps.Policy.Engine/Scoring/` -- EPSS scores used in risk profile scoring
- `ProfileAwareScoringService.cs` -- includes EPSS in profile-aware scoring
- `RiskScoringModels.cs` -- risk scoring models with EPSS data
- `RiskScoringTriggerService.cs` -- triggers re-scoring when EPSS data updates
- **RiskSimulationService**: `src/Policy/StellaOps.Policy.Engine/Simulation/RiskSimulationService.cs` -- EPSS used as a signal in risk simulations
- Categorical signal mapping: EPSS score mapped to signal weight contributions
- **Policy Gate Integration**: `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateEvaluator.cs` -- EPSS thresholds used in gate evaluation
- **Staleness Endpoints**: `src/Policy/StellaOps.Policy.Engine/Endpoints/StalenessEndpoints.cs` -- feed staleness monitoring
- **Risk Profile Endpoints**: `src/Policy/StellaOps.Policy.Engine/Endpoints/RiskProfileEndpoints.cs` -- profiles include EPSS configuration
- **Evidence Weighted Score**: `src/Policy/StellaOps.Policy.Engine/Scoring/EvidenceWeightedScore/` -- EPSS contributes to evidence-weighted scoring
## E2E Test Plan
- [ ] Verify EPSS score (0.95) contributes +0.30 exploit pressure factor in unknown ranking
- [ ] Verify EPSS score (0.50) contributes +0.15 exploit pressure factor
- [ ] Verify EPSS score (0.10) contributes 0 exploit pressure factor (below threshold)
- [ ] Verify risk simulation includes EPSS as a signal with weight contribution
- [ ] Verify risk scoring trigger fires when EPSS data updates
- [ ] Check staleness endpoint for EPSS feed; verify freshness status is reported
- [ ] Verify evidence-weighted score includes EPSS contribution
- [ ] Verify policy gate evaluates EPSS threshold per configuration