# Advisory Source Connector Coverage Matrix

Last updated: 2026-04-06

## Summary

| Metric | Count |
|--------|-------|
| Total sources defined | 70 |
| Connectors implemented | 33 |
| Coverage rate | 47% |
| Missing connectors | 37 |

## Coverage by Category

### Primary Databases (6/6 — 100%)

| Source | Display Name | Connector | Status |
|--------|-------------|-----------|--------|
| nvd | NVD (NIST) | `Connector.Nvd` | Complete |
| osv | OSV (Google) | `Connector.Osv` | Complete |
| ghsa | GitHub Security Advisories | `Connector.Ghsa` | Complete |
| cve | CVE.org (MITRE) | `Connector.Cve` | Complete |
| epss | EPSS (FIRST) | `Connector.Epss` | Complete |
| kev | CISA KEV | `Connector.Kev` | Complete |

### Linux Distributions (7/10 — 70%)

| Source | Display Name | Connector | Status |
|--------|-------------|-----------|--------|
| debian | Debian Security | `Connector.DistroDebian` | Complete |
| ubuntu | Ubuntu Security | `Connector.DistroUbuntu` | Complete |
| alpine | Alpine Security | `Connector.DistroAlpine` | Complete |
| suse | SUSE Security | `Connector.DistroSuse` | Complete |
| rhel | RHEL Security | `Connector.RedHat` | Complete |
| astra | Astra Linux | `Connector.DistroAstra` | Complete |
| centos | CentOS Security | — | **Missing (P2)** |
| fedora | Fedora Security | — | **Missing (P2)** |
| arch | Arch Security | — | Missing (P3) |
| gentoo | Gentoo Security | — | Missing (P3) |

### Vendor Advisories (5/11 — 45%)

| Source | Display Name | Connector | Status |
|--------|-------------|-----------|--------|
| oracle | Oracle Security | `Connector.VndrOracle` | Complete |
| apple | Apple Security | `Connector.VndrApple` | Complete |
| cisco | Cisco Security | `Connector.VndrCisco` | Complete |
| vmware | VMware Security | `Connector.Vmware` | Complete |
| redhat | Red Hat Security | `Connector.RedHat` | Complete |
| microsoft | Microsoft MSRC | — | **Missing (P2)** |
| amazon | Amazon Linux Security | — | **Missing (P2)** |
| google | Google Security | — | **Missing (P2)** |
| fortinet | Fortinet PSIRT | — | Missing (P3) |
| juniper | Juniper Security | — | Missing (P3) |
| paloalto | Palo Alto Security | — | Missing (P3) |

### Language Ecosystems (0/9 — 0%)

Ecosystem advisories are currently routed through OSV/GHSA. Direct connectors would add faster ingestion and richer metadata.

| Source | Display Name | Priority | Status |
|--------|-------------|----------|--------|
| npm | npm Advisories | **P2** | Missing |
| pypi | PyPI Advisories | **P2** | Missing |
| maven | Maven Advisories | **P2** | Missing |
| go | Go Advisories | **P2** | Missing |
| rubygems | RubyGems Advisories | P3 | Missing |
| nuget | NuGet Advisories | P3 | Missing |
| crates | Crates.io Advisories | P3 | Missing |
| packagist | Packagist Advisories | P3 | Missing |
| hex | Hex.pm Advisories | P3 | Missing |

### Cloud Providers (0/3 — 0%)

| Source | Display Name | Priority | Status |
|--------|-------------|----------|--------|
| aws | AWS Security Bulletins | P3 | Missing |
| azure | Azure Security Advisories | P3 | Missing |
| gcp | GCP Security Bulletins | P3 | Missing |

### National CERTs (7/13 — 54%)

| Source | Display Name | Connector | Status |
|--------|-------------|-----------|--------|
| us-cert | CISA (US-CERT) | `Connector.IcsCisa` | Complete |
| cert-fr | CERT-FR (France) | `Connector.CertFr` | Complete |
| cert-de | CERT-Bund (Germany) | `Connector.CertBund` | Complete |
| jpcert | JPCERT/CC (Japan) | `Connector.Jvn` | Complete |
| krcert | KrCERT (South Korea) | `Connector.Kisa` | Complete |
| cert-in | CERT-In (India) | `Connector.CertIn` | Complete |
| fstec-bdu | FSTEC BDU (Russia) | `Connector.RuBdu` | Complete |
| nkcki | NKCKI (Russia) | `Connector.RuNkcki` | Complete |
| cert-at | CERT.at (Austria) | — | Missing (P4) |
| cert-be | CERT.be (Belgium) | — | Missing (P4) |
| cert-ch | NCSC-CH (Switzerland) | — | Missing (P4) |
| cert-eu | CERT-EU | — | Missing (P4) |
| cert-ua | CERT-UA (Ukraine) | — | Missing (P4) |

### ICS/SCADA (2/3)

| Source | Display Name | Connector | Status |
|--------|-------------|-----------|--------|
| kaspersky-ics | Kaspersky ICS-CERT | `Connector.IcsKaspersky` | Complete |
| us-cert | CISA ICS | `Connector.IcsCisa` | Complete |
| siemens | Siemens ProductCERT | — | Missing (P3) |

### Exploit Databases (0/3 — 0%)

| Source | Display Name | Priority | Status |
|--------|-------------|----------|--------|
| exploitdb | Exploit-DB | P3 | Missing |
| poc-github | PoC-in-GitHub | P3 | Missing |
| metasploit | Metasploit Modules | P3 | Missing |

### Container/Supply Chain (0/2 — 0%)

| Source | Display Name | Priority | Status |
|--------|-------------|----------|--------|
| docker-official | Docker Official CVEs | P3 | Missing |
| chainguard | Chainguard Advisories | P3 | Missing |

### Hardware/Firmware (0/3 — 0%)

| Source | Display Name | Priority | Status |
|--------|-------------|----------|--------|
| intel | Intel PSIRT | P3 | Missing |
| amd | AMD Security | P3 | Missing |
| arm | ARM Security Center | P3 | Missing |

### Other (remaining)

| Source | Display Name | Connector | Status |
|--------|-------------|-----------|--------|
| stella-mirror | StellaOps Mirror | `Connector.StellaMirror` | Complete (internal) |
| csaf | CSAF Aggregator | — | Missing (P3) |
| csaf-tc | CSAF TC Trusted Publishers | — | Missing (P4) |
| vex | VEX Hub | — | Missing (P4) |
| mitre-attack | MITRE ATT&CK | — | Missing (P4) |
| mitre-d3fend | MITRE D3FEND | — | Missing (P4) |
| rustsec | RustSec Advisory DB | — | Missing (P3) |
| pypa | PyPA Advisory DB | — | Missing (P3) |
| govuln | Go Vuln DB | — | Missing (P3) |
| bundler-audit | Ruby Advisory DB | — | Missing (P3) |
| auscert | AusCERT (Australia) | — | Missing (P4) |
| cert-pl | CERT.PL (Poland) | — | Missing (P4) |

---

## Priority Breakdown

### P2 — High Value (9 missing)

These are the most impactful gaps for enterprise deployments:

1. **microsoft** — MSRC advisories cover Windows/Office/Azure; major gap for Windows-heavy estates
2. **amazon** — Amazon Linux is the default ECS/EKS base image
3. **google** — Android/Chrome/Cloud advisories
4. **centos** — Still widely deployed in legacy estates
5. **fedora** — Upstream for RHEL; early-warning value
6. **npm** — Largest package ecosystem by count
7. **pypi** — Fastest-growing ecosystem for ML/data workloads
8. **maven** — Dominant in enterprise Java
9. **go** — Growing in cloud-native infrastructure

### P3 — Vendor/Infrastructure (19 missing)

Network vendors (fortinet, juniper, paloalto), cloud providers (aws, azure, gcp), exploit DBs, container sources, hardware vendors, niche ecosystems.

### P4 — Niche/Regional (10 missing)

European CERTs, CSAF/VEX federation, threat intelligence frameworks.

---

## Notes

- Language ecosystem sources (npm, pypi, maven, go) are partially covered via OSV aggregation. Direct connectors would provide faster ingestion and richer package metadata.
- CentOS advisories may be coverable via the existing RedHat connector with minor adaptation.
- CSAF connector would unlock a large number of vendor advisories via the CSAF trusted provider network.