Files

master 071209a2ae Complete TASK-5 source coverage audit and archive all 20 finished sprints

Add docs/modules/concelier/source-coverage.md with 70-source audit (33/70
connectors implemented, P1 fully covered, 9 P2 gaps identified).
Archive all 20 completed sprints from docs/implplan/ to docs-archived/.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-06 09:58:33 +03:00

7.1 KiB

Raw Blame History

Advisory Source Connector Coverage Matrix

Last updated: 2026-04-06

Summary

Metric	Count
Total sources defined	70
Connectors implemented	33
Coverage rate	47%
Missing connectors	37

Coverage by Category

Primary Databases (6/6 — 100%)

Source	Display Name	Connector	Status
nvd	NVD (NIST)	`Connector.Nvd`	Complete
osv	OSV (Google)	`Connector.Osv`	Complete
ghsa	GitHub Security Advisories	`Connector.Ghsa`	Complete
cve	CVE.org (MITRE)	`Connector.Cve`	Complete
epss	EPSS (FIRST)	`Connector.Epss`	Complete
kev	CISA KEV	`Connector.Kev`	Complete

Linux Distributions (7/10 — 70%)

Source	Display Name	Connector	Status
debian	Debian Security	`Connector.DistroDebian`	Complete
ubuntu	Ubuntu Security	`Connector.DistroUbuntu`	Complete
alpine	Alpine Security	`Connector.DistroAlpine`	Complete
suse	SUSE Security	`Connector.DistroSuse`	Complete
rhel	RHEL Security	`Connector.RedHat`	Complete
astra	Astra Linux	`Connector.DistroAstra`	Complete
centos	CentOS Security	—	Missing (P2)
fedora	Fedora Security	—	Missing (P2)
arch	Arch Security	—	Missing (P3)
gentoo	Gentoo Security	—	Missing (P3)

Vendor Advisories (5/11 — 45%)

Source	Display Name	Connector	Status
oracle	Oracle Security	`Connector.VndrOracle`	Complete
apple	Apple Security	`Connector.VndrApple`	Complete
cisco	Cisco Security	`Connector.VndrCisco`	Complete
vmware	VMware Security	`Connector.Vmware`	Complete
redhat	Red Hat Security	`Connector.RedHat`	Complete
microsoft	Microsoft MSRC	—	Missing (P2)
amazon	Amazon Linux Security	—	Missing (P2)
google	Google Security	—	Missing (P2)
fortinet	Fortinet PSIRT	—	Missing (P3)
juniper	Juniper Security	—	Missing (P3)
paloalto	Palo Alto Security	—	Missing (P3)

Language Ecosystems (0/9 — 0%)

Ecosystem advisories are currently routed through OSV/GHSA. Direct connectors would add faster ingestion and richer metadata.

Source	Display Name	Priority	Status
npm	npm Advisories	P2	Missing
pypi	PyPI Advisories	P2	Missing
maven	Maven Advisories	P2	Missing
go	Go Advisories	P2	Missing
rubygems	RubyGems Advisories	P3	Missing
nuget	NuGet Advisories	P3	Missing
crates	Crates.io Advisories	P3	Missing
packagist	Packagist Advisories	P3	Missing
hex	Hex.pm Advisories	P3	Missing

Cloud Providers (0/3 — 0%)

Source	Display Name	Priority	Status
aws	AWS Security Bulletins	P3	Missing
azure	Azure Security Advisories	P3	Missing
gcp	GCP Security Bulletins	P3	Missing

National CERTs (7/13 — 54%)

Source	Display Name	Connector	Status
us-cert	CISA (US-CERT)	`Connector.IcsCisa`	Complete
cert-fr	CERT-FR (France)	`Connector.CertFr`	Complete
cert-de	CERT-Bund (Germany)	`Connector.CertBund`	Complete
jpcert	JPCERT/CC (Japan)	`Connector.Jvn`	Complete
krcert	KrCERT (South Korea)	`Connector.Kisa`	Complete
cert-in	CERT-In (India)	`Connector.CertIn`	Complete
fstec-bdu	FSTEC BDU (Russia)	`Connector.RuBdu`	Complete
nkcki	NKCKI (Russia)	`Connector.RuNkcki`	Complete
cert-at	CERT.at (Austria)	—	Missing (P4)
cert-be	CERT.be (Belgium)	—	Missing (P4)
cert-ch	NCSC-CH (Switzerland)	—	Missing (P4)
cert-eu	CERT-EU	—	Missing (P4)
cert-ua	CERT-UA (Ukraine)	—	Missing (P4)

ICS/SCADA (2/3)

Source	Display Name	Connector	Status
kaspersky-ics	Kaspersky ICS-CERT	`Connector.IcsKaspersky`	Complete
us-cert	CISA ICS	`Connector.IcsCisa`	Complete
siemens	Siemens ProductCERT	—	Missing (P3)

Exploit Databases (0/3 — 0%)

Source	Display Name	Priority	Status
exploitdb	Exploit-DB	P3	Missing
poc-github	PoC-in-GitHub	P3	Missing
metasploit	Metasploit Modules	P3	Missing

Container/Supply Chain (0/2 — 0%)

Source	Display Name	Priority	Status
docker-official	Docker Official CVEs	P3	Missing
chainguard	Chainguard Advisories	P3	Missing

Hardware/Firmware (0/3 — 0%)

Source	Display Name	Priority	Status
intel	Intel PSIRT	P3	Missing
amd	AMD Security	P3	Missing
arm	ARM Security Center	P3	Missing

Other (remaining)

Source	Display Name	Connector	Status
stella-mirror	StellaOps Mirror	`Connector.StellaMirror`	Complete (internal)
csaf	CSAF Aggregator	—	Missing (P3)
csaf-tc	CSAF TC Trusted Publishers	—	Missing (P4)
vex	VEX Hub	—	Missing (P4)
mitre-attack	MITRE ATT&CK	—	Missing (P4)
mitre-d3fend	MITRE D3FEND	—	Missing (P4)
rustsec	RustSec Advisory DB	—	Missing (P3)
pypa	PyPA Advisory DB	—	Missing (P3)
govuln	Go Vuln DB	—	Missing (P3)
bundler-audit	Ruby Advisory DB	—	Missing (P3)
auscert	AusCERT (Australia)	—	Missing (P4)
cert-pl	CERT.PL (Poland)	—	Missing (P4)

Priority Breakdown

P2 — High Value (9 missing)

These are the most impactful gaps for enterprise deployments:

microsoft — MSRC advisories cover Windows/Office/Azure; major gap for Windows-heavy estates
amazon — Amazon Linux is the default ECS/EKS base image
google — Android/Chrome/Cloud advisories
centos — Still widely deployed in legacy estates
fedora — Upstream for RHEL; early-warning value
npm — Largest package ecosystem by count
pypi — Fastest-growing ecosystem for ML/data workloads
maven — Dominant in enterprise Java
go — Growing in cloud-native infrastructure

P3 — Vendor/Infrastructure (19 missing)

Network vendors (fortinet, juniper, paloalto), cloud providers (aws, azure, gcp), exploit DBs, container sources, hardware vendors, niche ecosystems.

P4 — Niche/Regional (10 missing)

European CERTs, CSAF/VEX federation, threat intelligence frameworks.

Notes

Language ecosystem sources (npm, pypi, maven, go) are partially covered via OSV aggregation. Direct connectors would provide faster ingestion and richer package metadata.
CentOS advisories may be coverable via the existing RedHat connector with minor adaptation.
CSAF connector would unlock a large number of vendor advisories via the CSAF trusted provider network.

7.1 KiB Raw Blame History