Create a common generic enriched CVE data source - so:
- anyone can use it - for any analysis, rbp, etc...
- it can be used as the input to the 3 prioritization schemes as outlined in https://riskbasedprioritization.github.io/risk/Rbp_schemes/
- it can be centrally maintained and improved over time
Note: the CVE data source can be more than one file e.g. the CVSS data per CVE, and the enrichment data per CVE.
Create a common generic enriched CVE data source - so:
Note: the CVE data source can be more than one file e.g. the CVSS data per CVE, and the enrichment data per CVE.