triaging-vulnerabilities-with-ssvc-framework

Featured

Triage and prioritize vulnerabilities using CISA's Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree framework to produce actionable remediation priorities.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Triaging Vulnerabilities with SSVC Framework ## Overview The Stakeholder-Specific Vulnerability Categorization (SSVC) framework, developed by Carnegie Mellon University's Software Engineering Institute (SEI) in collaboration with CISA, provides a structured decision-tree methodology for vulnerability prioritization. Unlike CVSS alone, SSVC accounts for exploitation status, technical impact, automatability, mission prevalence, and public well-being impact to produce one of four actionable outcomes: **Track**, **Track***, **Attend**, or **Act**. ## When to Use - When managing security operations that require triaging vulnerabilities with ssvc framework - When improving security program maturity and operational processes - When establishing standardized procedures for security team workflows - When integrating threat intelligence or vulnerability data into operations ## Prerequisites - Python 3.9+ with `requests`, `pandas`, and `jinja2` libraries - Access to CISA KEV catalog API and EPSS API from FIRST - NVD API key (optional, for higher rate limits) - Vulnerability scan results from tools like OpenVAS, Nessus, or Qualys ## SSVC Decision Points ### 1. Exploitation Status Assess current exploitation activity: - **None** - No evidence of active exploitation - **PoC** - Proof-of-concept exists publicly - **Active** - Active exploitation observed in the wild (check CISA KEV) ```bash # Check if a CVE is in CISA Known Exploited Vulnerabilities catalog curl -s "https://www....

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

prioritizing-vulnerabilities-with-cvss-scoring

The Common Vulnerability Scoring System (CVSS) is the industry standard framework maintained by FIRST (Forum of Incident Response and Security Teams) for assessing vulnerability severity. CVSS v4.0 (r

12,642 Updated today
mukul975
AI & Automation Listed

cve-triage

Triage dependency vulnerabilities against CISA KEV, EPSS, reachability and compensating controls — turn a raw Dependabot/Snyk/osv-scanner dump into fix-now/sprint/quarter/accept decisions with rationale.

4 Updated 1 weeks ago
roodlicht
AI & Automation Featured

performing-cve-prioritization-with-kev-catalog

Leverage the CISA Known Exploited Vulnerabilities catalog alongside EPSS and CVSS to prioritize CVE remediation based on real-world exploitation evidence.

12,642 Updated today
mukul975
AI & Automation Listed

cve-triage

Pull CVEs against the current dependency set (osv.dev / GHSA) and classify each as exploitable / theoretical / not-applicable

1 Updated 4 days ago
bakw00ds
AI & Automation Solid

vulnerability-scanner

Security vulnerability scanning for dependencies and code, with CVE database checking and risk assessment

1,034 Updated today
a5c-ai