f0662dd45f
- Added DefaultCryptoHmac class implementing ICryptoHmac interface. - Introduced purpose-based HMAC computation methods. - Implemented verification methods for HMACs with constant-time comparison. - Created HmacAlgorithms and HmacPurpose classes for well-known identifiers. - Added compliance profile support for HMAC algorithms. - Included asynchronous methods for HMAC computation from streams.
19 lines
954 B
JSON
19 lines
954 B
JSON
{
|
|
"id": "default-profile",
|
|
"version": "1.0.0",
|
|
"description": "Default risk profile for vulnerability prioritization",
|
|
"extends": "base-profile",
|
|
"signals": [
|
|
{ "name": "cvss", "source": "nvd", "type": "numeric", "path": "/cvss/base_score", "transform": "normalize_10", "unit": "score" },
|
|
{ "name": "kev", "source": "cisa", "type": "boolean", "path": "/kev/in_catalog" },
|
|
{ "name": "reachability", "source": "scanner", "type": "numeric", "path": "/reachability/score", "unit": "score" }
|
|
],
|
|
"weights": { "cvss": 0.4, "kev": 0.3, "reachability": 0.3 },
|
|
"overrides": {
|
|
"severity": [ { "when": { "kev": true }, "set": "critical" } ],
|
|
"decisions": [ { "when": { "kev": true, "reachability": { "$gt": 0.8 } }, "action": "deny", "reason": "KEV with high reachability" } ]
|
|
},
|
|
"metadata": { "author": "docs-guild", "created_at": "2025-12-05T00:00:00Z" },
|
|
"provenance": { "hash": "sha256:placeholder", "signed": false }
|
|
}
|