stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
cf5b72974f923126944f4dcd47e85864ebb31a3b
git.stella-ops.org/docs/features/unchecked/policy/epss-raw-feed-layer.md

37 lines
2.3 KiB
Markdown
Raw Blame History

# EPSS Raw Feed Layer (Immutable Storage)
## Module
Policy
## Status
IMPLEMENTED
## Description
EPSS feed ingestion with CSV parsing, repository storage, and enrichment jobs. Database migrations exist for EPSS risk scores storage.
## Implementation Details
- **UnknownRanker Integration**: `src/Policy/__Libraries/StellaOps.Policy.Unknowns/Services/UnknownRanker.cs` -- uses EPSS scores in exploit pressure calculation
- EPSS >= 0.90: +0.30 exploit pressure factor
- EPSS >= 0.50: +0.15 exploit pressure factor
- `UnknownRankInput.EpssScore` (decimal 0.0-1.0) feeds into scoring
- **Risk Scoring Integration**: `src/Policy/StellaOps.Policy.Engine/Scoring/` -- EPSS scores used in risk profile scoring
- `ProfileAwareScoringService.cs` -- includes EPSS in profile-aware scoring
- `RiskScoringModels.cs` -- risk scoring models with EPSS data
- `RiskScoringTriggerService.cs` -- triggers re-scoring when EPSS data updates
- **RiskSimulationService**: `src/Policy/StellaOps.Policy.Engine/Simulation/RiskSimulationService.cs` -- EPSS used as a signal in risk simulations
- Categorical signal mapping: EPSS score mapped to signal weight contributions
- **Policy Gate Integration**: `src/Policy/StellaOps.Policy.Engine/Gates/PolicyGateEvaluator.cs` -- EPSS thresholds used in gate evaluation
- **Staleness Endpoints**: `src/Policy/StellaOps.Policy.Engine/Endpoints/StalenessEndpoints.cs` -- feed staleness monitoring
- **Risk Profile Endpoints**: `src/Policy/StellaOps.Policy.Engine/Endpoints/RiskProfileEndpoints.cs` -- profiles include EPSS configuration
- **Evidence Weighted Score**: `src/Policy/StellaOps.Policy.Engine/Scoring/EvidenceWeightedScore/` -- EPSS contributes to evidence-weighted scoring
## E2E Test Plan
- [ ] Verify EPSS score (0.95) contributes +0.30 exploit pressure factor in unknown ranking
- [ ] Verify EPSS score (0.50) contributes +0.15 exploit pressure factor
- [ ] Verify EPSS score (0.10) contributes 0 exploit pressure factor (below threshold)
- [ ] Verify risk simulation includes EPSS as a signal with weight contribution
- [ ] Verify risk scoring trigger fires when EPSS data updates
- [ ] Check staleness endpoint for EPSS feed; verify freshness status is reported
- [ ] Verify evidence-weighted score includes EPSS contribution
- [ ] Verify policy gate evaluates EPSS threshold per configuration
Reference in New Issue View Git Blame Copy Permalink