Spike: Investigate storing OWASP top 10 labels to vulnerabilities metadata
Summary
To support Vulnerability groping by OWASP top 10, we would require the standard convention tagging of the vulnerability to be present. Currently we do not have these details in the backend.
Note that we should also consider and investigate as it is likely that a vulnerability can be part of multiple conventions like OWASP, CWE, CVE.
Related Issues
Proposed Design
#267588[design_1692329456491.png]
Goal
At the end of this Spike investigation we should have an implementation plan on how to store OWASP top 10 labels along with the vulnerabilities metadata without the various inconsistencies in data format.
Edited by Bala Kumar