stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
9b58589ba01342d5df7ab3bbfd7370cc970cdd21
git.stella-ops.org/docs/features/unchecked/scanner/zero-day-window-tracking.md

1.2 KiB
Raw Blame History

Zero-Day Window Tracking

Module

Scanner

Status

IMPLEMENTED

Description

Tracks the exposure window between vulnerability disclosure and remediation application, providing metrics on mean-time-to-remediate and zero-day exposure duration per artifact.

Implementation Details

  • Zero-Day Window Tracking:
    • src/Scanner/__Libraries/StellaOps.Scanner.Core/Models/ZeroDayWindowTracking.cs - ZeroDayWindowTracking model tracking the exposure window between vulnerability disclosure timestamp and remediation application timestamp, computing zero-day exposure duration and mean-time-to-remediate metrics per artifact

E2E Test Plan

  • Record a vulnerability disclosure event and verify the zero-day window begins tracking from the disclosure timestamp
  • Apply a remediation (patch, upgrade, VEX) and verify the exposure window is closed with correct duration calculation
  • Verify mean-time-to-remediate (MTTR) is computed across multiple vulnerabilities for an artifact
  • Verify zero-day exposure duration accounts for the time between disclosure (NVD published date) and first scan detection
  • Verify tracking handles re-opened windows (e.g., regression after a patch is reverted)