git.stella-ops.org/docs/features/checked/scanner/zero-day-window-tracking.md
2026-02-14 09:11:48 +02:00

Zero-Day Window Tracking

Module

Scanner

Status

VERIFIED

Description

Tracks the exposure window between vulnerability disclosure and remediation application, providing metrics on mean-time-to-remediate and zero-day exposure duration per artifact.

Implementation Details

  • Zero-Day Window Tracking:
    • src/Scanner/__Libraries/StellaOps.Scanner.Core/Models/ZeroDayWindowTracking.cs - ZeroDayWindowTracking model tracking the exposure window between vulnerability disclosure timestamp and remediation application timestamp, computing zero-day exposure duration and mean-time-to-remediate metrics per artifact

E2E Test Plan

  • Record a vulnerability disclosure event and verify the zero-day window begins tracking from the disclosure timestamp
  • Apply a remediation (patch, upgrade, VEX) and verify the exposure window is closed with correct duration calculation
  • Verify mean-time-to-remediate (MTTR) is computed across multiple vulnerabilities for an artifact
  • Verify zero-day exposure duration accounts for the time between disclosure (NVD published date) and first scan detection
  • Verify tracking handles re-opened windows (e.g., regression after a patch is reverted)
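Added example, not StellaOps code: a C# sketch of the window semantics the test plan above exercises, run over a constructed timeline that includes a reverted patch. All type and member names are hypothetical, and three behaviours are assumptions: exposure is summed over every open interval, time-to-remediate runs from disclosure to the latest close, and still-open windows are left out of MTTR.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Constructed timeline: disclosed day 0, first scan hit day 2, patched day 5,
// patch reverted day 8 (window re-opens), patched again day 9.
var t0 = new DateTimeOffset(2026, 1, 1, 0, 0, 0, TimeSpan.Zero);
var w = new ExposureWindow(t0);
w.Detect(t0.AddDays(2));
w.Remediate(t0.AddDays(5));
w.Reopen(t0.AddDays(8));
w.Remediate(t0.AddDays(9));
Console.WriteLine($"exposed: {w.Exposure(t0.AddDays(30)).TotalDays} d, detection lag: {w.DetectionLag?.TotalDays} d");
Console.WriteLine($"MTTR: {ExposureWindow.Mttr(new[] { w })?.TotalDays} d");

// Hypothetical model for illustration; not the ZeroDayWindowTracking class itself.
public sealed class ExposureWindow
{
    private readonly List<(DateTimeOffset Open, DateTimeOffset? Close)> _intervals = new();
    public DateTimeOffset Disclosed { get; }
    public DateTimeOffset? FirstDetected { get; private set; }

    public ExposureWindow(DateTimeOffset disclosed)
    {
        Disclosed = disclosed;
        _intervals.Add((disclosed, null)); // window opens at disclosure, not at detection
    }

    public bool IsOpen => _intervals[^1].Close is null;
    public void Detect(DateTimeOffset at) => FirstDetected ??= at; // keep the first detection only
    public void Reopen(DateTimeOffset at) { if (!IsOpen) _intervals.Add((at, null)); }

    public void Remediate(DateTimeOffset at)
    {
        if (!IsOpen) return; // repeated remediation events do not move the close time
        var open = _intervals[^1].Open;
        if (at < open) throw new ArgumentException("remediation precedes window start");
        _intervals[^1] = (open, at);
    }

    // Sum of all open intervals; an interval that is still open is measured up to 'now'.
    public TimeSpan Exposure(DateTimeOffset now) =>
        _intervals.Aggregate(TimeSpan.Zero, (sum, i) => sum + ((i.Close ?? now) - i.Open));
    public TimeSpan? DetectionLag => FirstDetected - Disclosed;
    public TimeSpan? TimeToRemediate => IsOpen ? (TimeSpan?)null : _intervals[^1].Close - Disclosed;

    // Mean over closed windows only; returns null when nothing has been remediated yet.
    public static TimeSpan? Mttr(IEnumerable<ExposureWindow> windows)
    {
        var closed = windows.Select(x => x.TimeToRemediate).OfType<TimeSpan>().ToList();
        return closed.Count == 0 ? (TimeSpan?)null : TimeSpan.FromTicks((long)closed.Average(t => t.Ticks));
    }
}
```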

Verification

| Check | Result |
|---|---|
| Tier 0 - Source files exist | PASS |
| Tier 1 - Build + code review | PASS |
| Tier 2 - Integration tests | PASS |
| Verified | 2026-02-13T18:10:00Z |