52 lines
1.7 KiB
Markdown
52 lines
1.7 KiB
Markdown
# Triage
|
|
|
|
**Status:** Design/Planning
|
|
**Source:** N/A (cross-cutting concept)
|
|
**Owner:** VulnExplorer Guild
|
|
|
|
## Purpose
|
|
|
|
Triage defines workflows and data structures for vulnerability triage, exploit path analysis, and proof bundle generation. Provides specifications for prioritization, evidence review, and decision capture used by VulnExplorer and Policy modules.
|
|
|
|
## Components
|
|
|
|
**Concept Documentation:**
|
|
- `exploit-path-inbox.md` - Exploit path inbox specification for automated triage
|
|
- `proof-bundle-spec.md` - Proof bundle format for evidence packaging
|
|
|
|
**Triage Workflows:**
|
|
- Automated triage (Signals-based prioritization)
|
|
- Manual triage (human review and decision)
|
|
- Exploit path analysis (reachability to exploitable sinks)
|
|
- Proof bundle generation (evidence packaging for decisions)
|
|
|
|
## Implementation Locations
|
|
|
|
Triage functionality is implemented across multiple modules:
|
|
- **VulnExplorer** - Triage UI and workflow orchestration
|
|
- **Signals** - Automated prioritization scoring
|
|
- **Policy Engine** - Exploit path analysis
|
|
- **EvidenceLocker** - Proof bundle storage
|
|
- **Notify** - Triage alert distribution
|
|
|
|
## Dependencies
|
|
|
|
- VulnExplorer (triage UI)
|
|
- Signals (prioritization)
|
|
- Policy Engine (exploit paths)
|
|
- EvidenceLocker (proof bundles)
|
|
- Notify (alerts)
|
|
|
|
## Related Documentation
|
|
|
|
- Exploit Path Inbox: `./exploit-path-inbox.md`
|
|
- Proof Bundle Spec: `./proof-bundle-spec.md`
|
|
- VulnExplorer: `../vuln-explorer/`
|
|
- Signals: `../signals/`
|
|
- Policy: `../policy/`
|
|
- EvidenceLocker: `../evidence-locker/`
|
|
|
|
## Current Status
|
|
|
|
Triage workflows documented in exploit-path-inbox.md and proof-bundle-spec.md. Implementation distributed across VulnExplorer (UI/workflows), Signals (scoring), Policy (analysis), and EvidenceLocker (proof storage) modules.
|