61 lines
1.7 KiB
Markdown
61 lines
1.7 KiB
Markdown
# Risk Engine
|
|
|
|
> Risk scoring runtime with pluggable providers and explainability.
|
|
|
|
## Purpose
|
|
|
|
RiskEngine computes deterministic, explainable risk scores for vulnerabilities by aggregating signals from multiple data sources (EPSS, CVSS, KEV, VEX, reachability). It produces audit trails and explainability payloads for every scoring decision.
|
|
|
|
## Quick Links
|
|
|
|
- [Architecture](./architecture.md) - Technical design and implementation details
|
|
- [Guides](./guides/) - Scoring configuration guides
|
|
- [Samples](./samples/) - Risk profile examples
|
|
|
|
## Status
|
|
|
|
| Attribute | Value |
|
|
|-----------|-------|
|
|
| **Maturity** | Production |
|
|
| **Last Reviewed** | 2025-12-29 |
|
|
| **Maintainer** | Policy Guild |
|
|
|
|
## Key Features
|
|
|
|
- **Pluggable Providers**: EPSS, CVSS+KEV, VEX status, fix availability providers
|
|
- **Deterministic Scoring**: Same inputs produce identical scores
|
|
- **Explainability**: Audit trails for every scoring decision
|
|
- **Offline Support**: Air-gapped operation via factor bundles
|
|
|
|
## Dependencies
|
|
|
|
### Upstream (this module depends on)
|
|
- **Concelier** - CVSS, KEV data
|
|
- **Excititor** - VEX status data
|
|
- **Signals** - Reachability data
|
|
- **Authority** - Authentication
|
|
|
|
### Downstream (modules that depend on this)
|
|
- **Policy Engine** - Consumes risk scores for policy evaluation
|
|
|
|
## Configuration
|
|
|
|
```yaml
|
|
risk_engine:
|
|
providers:
|
|
- epss
|
|
- cvss_kev
|
|
- vex_gate
|
|
- fix_exposure
|
|
cache_ttl_minutes: 60
|
|
```
|
|
|
|
## Notes
|
|
|
|
RiskEngine does not make PASS/FAIL decisions. It provides scores to the Policy Engine which makes enforcement decisions.
|
|
|
|
## Related Documentation
|
|
|
|
- [Policy Architecture](../policy/architecture.md)
|
|
- [Risk Scoring Contract](../../contracts/risk-scoring.md)
|