@blamejs/exceptd-skills 0.16.15 → 0.16.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AGENTS.md +3 -1
- package/CHANGELOG.md +8 -0
- package/README.md +5 -5
- package/bin/exceptd.js +4 -1
- package/data/_indexes/_meta.json +18 -16
- package/data/_indexes/activity-feed.json +17 -3
- package/data/_indexes/catalog-summaries.json +1 -1
- package/data/_indexes/chains.json +22854 -4010
- package/data/_indexes/currency.json +19 -1
- package/data/_indexes/frequency.json +158 -75
- package/data/_indexes/handoff-dag.json +9 -1
- package/data/_indexes/jurisdiction-map.json +9 -3
- package/data/_indexes/section-offsets.json +170 -0
- package/data/_indexes/stale-content.json +1 -1
- package/data/_indexes/summary-cards.json +81 -0
- package/data/_indexes/token-budget.json +103 -3
- package/data/_indexes/trigger-table.json +96 -1
- package/data/_indexes/xref.json +48 -1
- package/data/cwe-catalog.json +64 -6
- package/data/playbooks/cloud-iam-incident.json +26 -5
- package/data/playbooks/crypto-codebase.json +31 -8
- package/data/playbooks/decompression-dos.json +626 -0
- package/data/playbooks/framework.json +2 -0
- package/data/playbooks/multitenancy-isolation.json +660 -0
- package/manifest-snapshot.json +110 -2
- package/manifest-snapshot.sha256 +1 -1
- package/manifest.json +165 -49
- package/package.json +2 -2
- package/sbom.cdx.json +92 -32
- package/skills/decompression-dos/skill.md +83 -0
- package/skills/multitenancy-isolation/skill.md +83 -0
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
"decay_formula": "100 base; -30/-20/-10/-5 at 180/90/60/30-day thresholds. forward_watch count does NOT affect the score (it's a maintenance signal, not a staleness one). Label thresholds: ≥90 current, ≥70 acceptable, ≥50 stale, <50 critical_stale."
|
|
7
7
|
},
|
|
8
8
|
"summary": {
|
|
9
|
-
"current":
|
|
9
|
+
"current": 49,
|
|
10
10
|
"acceptable": 0,
|
|
11
11
|
"stale": 0,
|
|
12
12
|
"critical_stale": 0,
|
|
@@ -121,6 +121,15 @@
|
|
|
121
121
|
"forward_watch_count": 6,
|
|
122
122
|
"action_required": false
|
|
123
123
|
},
|
|
124
|
+
{
|
|
125
|
+
"skill": "decompression-dos",
|
|
126
|
+
"last_threat_review": "2026-06-02",
|
|
127
|
+
"days_since_review": -18,
|
|
128
|
+
"currency_score": 100,
|
|
129
|
+
"currency_label": "current",
|
|
130
|
+
"forward_watch_count": 0,
|
|
131
|
+
"action_required": false
|
|
132
|
+
},
|
|
124
133
|
{
|
|
125
134
|
"skill": "defensive-countermeasure-mapping",
|
|
126
135
|
"last_threat_review": "2026-05-11",
|
|
@@ -247,6 +256,15 @@
|
|
|
247
256
|
"forward_watch_count": 6,
|
|
248
257
|
"action_required": false
|
|
249
258
|
},
|
|
259
|
+
{
|
|
260
|
+
"skill": "multitenancy-isolation",
|
|
261
|
+
"last_threat_review": "2026-06-02",
|
|
262
|
+
"days_since_review": -18,
|
|
263
|
+
"currency_score": 100,
|
|
264
|
+
"currency_label": "current",
|
|
265
|
+
"forward_watch_count": 0,
|
|
266
|
+
"action_required": false
|
|
267
|
+
},
|
|
250
268
|
{
|
|
251
269
|
"skill": "network-trust",
|
|
252
270
|
"last_threat_review": "2026-06-02",
|
|
@@ -78,10 +78,11 @@
|
|
|
78
78
|
]
|
|
79
79
|
},
|
|
80
80
|
"CWE-22": {
|
|
81
|
-
"count":
|
|
81
|
+
"count": 6,
|
|
82
82
|
"skills": [
|
|
83
83
|
"api-security",
|
|
84
84
|
"attack-surface-pentest",
|
|
85
|
+
"decompression-dos",
|
|
85
86
|
"mail-server-hardening",
|
|
86
87
|
"mcp-agent-trust",
|
|
87
88
|
"webapp-security"
|
|
@@ -309,13 +310,14 @@
|
|
|
309
310
|
]
|
|
310
311
|
},
|
|
311
312
|
"CWE-863": {
|
|
312
|
-
"count":
|
|
313
|
+
"count": 9,
|
|
313
314
|
"skills": [
|
|
314
315
|
"api-security",
|
|
315
316
|
"cloud-iam-incident",
|
|
316
317
|
"identity-assurance",
|
|
317
318
|
"idp-incident-response",
|
|
318
319
|
"mail-server-hardening",
|
|
320
|
+
"multitenancy-isolation",
|
|
319
321
|
"sector-financial",
|
|
320
322
|
"vc-wallet-trust",
|
|
321
323
|
"webapp-security"
|
|
@@ -371,9 +373,11 @@
|
|
|
371
373
|
]
|
|
372
374
|
},
|
|
373
375
|
"CWE-400": {
|
|
374
|
-
"count":
|
|
376
|
+
"count": 3,
|
|
375
377
|
"skills": [
|
|
376
|
-
"
|
|
378
|
+
"decompression-dos",
|
|
379
|
+
"mail-server-hardening",
|
|
380
|
+
"multitenancy-isolation"
|
|
377
381
|
]
|
|
378
382
|
},
|
|
379
383
|
"CWE-778": {
|
|
@@ -387,6 +391,49 @@
|
|
|
387
391
|
"skills": [
|
|
388
392
|
"self-update-integrity"
|
|
389
393
|
]
|
|
394
|
+
},
|
|
395
|
+
"CWE-639": {
|
|
396
|
+
"count": 1,
|
|
397
|
+
"skills": [
|
|
398
|
+
"multitenancy-isolation"
|
|
399
|
+
]
|
|
400
|
+
},
|
|
401
|
+
"CWE-770": {
|
|
402
|
+
"count": 2,
|
|
403
|
+
"skills": [
|
|
404
|
+
"decompression-dos",
|
|
405
|
+
"multitenancy-isolation"
|
|
406
|
+
]
|
|
407
|
+
},
|
|
408
|
+
"CWE-668": {
|
|
409
|
+
"count": 1,
|
|
410
|
+
"skills": [
|
|
411
|
+
"multitenancy-isolation"
|
|
412
|
+
]
|
|
413
|
+
},
|
|
414
|
+
"CWE-409": {
|
|
415
|
+
"count": 1,
|
|
416
|
+
"skills": [
|
|
417
|
+
"decompression-dos"
|
|
418
|
+
]
|
|
419
|
+
},
|
|
420
|
+
"CWE-1333": {
|
|
421
|
+
"count": 1,
|
|
422
|
+
"skills": [
|
|
423
|
+
"decompression-dos"
|
|
424
|
+
]
|
|
425
|
+
},
|
|
426
|
+
"CWE-776": {
|
|
427
|
+
"count": 1,
|
|
428
|
+
"skills": [
|
|
429
|
+
"decompression-dos"
|
|
430
|
+
]
|
|
431
|
+
},
|
|
432
|
+
"CWE-834": {
|
|
433
|
+
"count": 1,
|
|
434
|
+
"skills": [
|
|
435
|
+
"decompression-dos"
|
|
436
|
+
]
|
|
390
437
|
}
|
|
391
438
|
},
|
|
392
439
|
"d3fend_refs": {
|
|
@@ -572,9 +619,10 @@
|
|
|
572
619
|
},
|
|
573
620
|
"framework_gaps": {
|
|
574
621
|
"NIST-800-53-SI-2": {
|
|
575
|
-
"count":
|
|
622
|
+
"count": 4,
|
|
576
623
|
"skills": [
|
|
577
624
|
"audit-log-integrity",
|
|
625
|
+
"decompression-dos",
|
|
578
626
|
"kernel-lpe-triage",
|
|
579
627
|
"mail-server-hardening"
|
|
580
628
|
]
|
|
@@ -980,8 +1028,10 @@
|
|
|
980
1028
|
]
|
|
981
1029
|
},
|
|
982
1030
|
"AU-ISM-1556": {
|
|
983
|
-
"count":
|
|
1031
|
+
"count": 4,
|
|
984
1032
|
"skills": [
|
|
1033
|
+
"decompression-dos",
|
|
1034
|
+
"multitenancy-isolation",
|
|
985
1035
|
"sector-telecom",
|
|
986
1036
|
"self-update-integrity"
|
|
987
1037
|
]
|
|
@@ -1146,10 +1196,12 @@
|
|
|
1146
1196
|
]
|
|
1147
1197
|
},
|
|
1148
1198
|
"NIS2-Art21-network-security": {
|
|
1149
|
-
"count":
|
|
1199
|
+
"count": 6,
|
|
1150
1200
|
"skills": [
|
|
1151
1201
|
"audit-log-integrity",
|
|
1202
|
+
"decompression-dos",
|
|
1152
1203
|
"mail-server-hardening",
|
|
1204
|
+
"multitenancy-isolation",
|
|
1153
1205
|
"network-trust",
|
|
1154
1206
|
"self-update-integrity"
|
|
1155
1207
|
]
|
|
@@ -1161,8 +1213,10 @@
|
|
|
1161
1213
|
]
|
|
1162
1214
|
},
|
|
1163
1215
|
"UK-CAF-B4": {
|
|
1164
|
-
"count":
|
|
1216
|
+
"count": 4,
|
|
1165
1217
|
"skills": [
|
|
1218
|
+
"decompression-dos",
|
|
1219
|
+
"multitenancy-isolation",
|
|
1166
1220
|
"network-trust",
|
|
1167
1221
|
"self-update-integrity"
|
|
1168
1222
|
]
|
|
@@ -1178,6 +1232,12 @@
|
|
|
1178
1232
|
"skills": [
|
|
1179
1233
|
"self-update-integrity"
|
|
1180
1234
|
]
|
|
1235
|
+
},
|
|
1236
|
+
"NIST-800-53-AC-3": {
|
|
1237
|
+
"count": 1,
|
|
1238
|
+
"skills": [
|
|
1239
|
+
"multitenancy-isolation"
|
|
1240
|
+
]
|
|
1181
1241
|
}
|
|
1182
1242
|
},
|
|
1183
1243
|
"atlas_refs": {
|
|
@@ -1306,10 +1366,11 @@
|
|
|
1306
1366
|
]
|
|
1307
1367
|
},
|
|
1308
1368
|
"T1059": {
|
|
1309
|
-
"count":
|
|
1369
|
+
"count": 6,
|
|
1310
1370
|
"skills": [
|
|
1311
1371
|
"ai-attack-surface",
|
|
1312
1372
|
"attack-surface-pentest",
|
|
1373
|
+
"decompression-dos",
|
|
1313
1374
|
"mcp-agent-trust",
|
|
1314
1375
|
"ransomware-response",
|
|
1315
1376
|
"webapp-security"
|
|
@@ -1376,7 +1437,7 @@
|
|
|
1376
1437
|
]
|
|
1377
1438
|
},
|
|
1378
1439
|
"T1078": {
|
|
1379
|
-
"count":
|
|
1440
|
+
"count": 14,
|
|
1380
1441
|
"skills": [
|
|
1381
1442
|
"age-gates-child-safety",
|
|
1382
1443
|
"api-security",
|
|
@@ -1386,6 +1447,7 @@
|
|
|
1386
1447
|
"email-security-anti-phishing",
|
|
1387
1448
|
"identity-assurance",
|
|
1388
1449
|
"incident-response-playbook",
|
|
1450
|
+
"multitenancy-isolation",
|
|
1389
1451
|
"ransomware-response",
|
|
1390
1452
|
"sector-energy",
|
|
1391
1453
|
"sector-financial",
|
|
@@ -1406,10 +1468,11 @@
|
|
|
1406
1468
|
]
|
|
1407
1469
|
},
|
|
1408
1470
|
"T1530": {
|
|
1409
|
-
"count":
|
|
1471
|
+
"count": 4,
|
|
1410
1472
|
"skills": [
|
|
1411
1473
|
"cloud-security",
|
|
1412
1474
|
"dlp-gap-analysis",
|
|
1475
|
+
"multitenancy-isolation",
|
|
1413
1476
|
"sector-healthcare"
|
|
1414
1477
|
]
|
|
1415
1478
|
},
|
|
@@ -1630,6 +1693,20 @@
|
|
|
1630
1693
|
"skills": [
|
|
1631
1694
|
"self-update-integrity"
|
|
1632
1695
|
]
|
|
1696
|
+
},
|
|
1697
|
+
"T1499": {
|
|
1698
|
+
"count": 2,
|
|
1699
|
+
"skills": [
|
|
1700
|
+
"decompression-dos",
|
|
1701
|
+
"multitenancy-isolation"
|
|
1702
|
+
]
|
|
1703
|
+
},
|
|
1704
|
+
"T1499.001": {
|
|
1705
|
+
"count": 2,
|
|
1706
|
+
"skills": [
|
|
1707
|
+
"decompression-dos",
|
|
1708
|
+
"multitenancy-isolation"
|
|
1709
|
+
]
|
|
1633
1710
|
}
|
|
1634
1711
|
},
|
|
1635
1712
|
"rfc_refs": {
|
|
@@ -1841,13 +1918,14 @@
|
|
|
1841
1918
|
},
|
|
1842
1919
|
{
|
|
1843
1920
|
"id": "CWE-863",
|
|
1844
|
-
"count":
|
|
1921
|
+
"count": 9,
|
|
1845
1922
|
"skills": [
|
|
1846
1923
|
"api-security",
|
|
1847
1924
|
"cloud-iam-incident",
|
|
1848
1925
|
"identity-assurance",
|
|
1849
1926
|
"idp-incident-response",
|
|
1850
1927
|
"mail-server-hardening",
|
|
1928
|
+
"multitenancy-isolation",
|
|
1851
1929
|
"sector-financial",
|
|
1852
1930
|
"vc-wallet-trust",
|
|
1853
1931
|
"webapp-security"
|
|
@@ -1929,26 +2007,26 @@
|
|
|
1929
2007
|
]
|
|
1930
2008
|
},
|
|
1931
2009
|
{
|
|
1932
|
-
"id": "CWE-
|
|
2010
|
+
"id": "CWE-22",
|
|
1933
2011
|
"count": 6,
|
|
1934
2012
|
"skills": [
|
|
2013
|
+
"api-security",
|
|
1935
2014
|
"attack-surface-pentest",
|
|
1936
|
-
"
|
|
1937
|
-
"
|
|
1938
|
-
"
|
|
1939
|
-
"idp-incident-response",
|
|
2015
|
+
"decompression-dos",
|
|
2016
|
+
"mail-server-hardening",
|
|
2017
|
+
"mcp-agent-trust",
|
|
1940
2018
|
"webapp-security"
|
|
1941
2019
|
]
|
|
1942
2020
|
},
|
|
1943
2021
|
{
|
|
1944
|
-
"id": "CWE-
|
|
2022
|
+
"id": "CWE-269",
|
|
1945
2023
|
"count": 6,
|
|
1946
2024
|
"skills": [
|
|
1947
2025
|
"attack-surface-pentest",
|
|
1948
2026
|
"cloud-iam-incident",
|
|
1949
|
-
"cloud-security",
|
|
1950
2027
|
"container-runtime-security",
|
|
1951
2028
|
"identity-assurance",
|
|
2029
|
+
"idp-incident-response",
|
|
1952
2030
|
"webapp-security"
|
|
1953
2031
|
]
|
|
1954
2032
|
}
|
|
@@ -2111,6 +2189,18 @@
|
|
|
2111
2189
|
"webapp-security"
|
|
2112
2190
|
]
|
|
2113
2191
|
},
|
|
2192
|
+
{
|
|
2193
|
+
"id": "NIS2-Art21-network-security",
|
|
2194
|
+
"count": 6,
|
|
2195
|
+
"skills": [
|
|
2196
|
+
"audit-log-integrity",
|
|
2197
|
+
"decompression-dos",
|
|
2198
|
+
"mail-server-hardening",
|
|
2199
|
+
"multitenancy-isolation",
|
|
2200
|
+
"network-trust",
|
|
2201
|
+
"self-update-integrity"
|
|
2202
|
+
]
|
|
2203
|
+
},
|
|
2114
2204
|
{
|
|
2115
2205
|
"id": "ISO-27001-2022-A.8.30",
|
|
2116
2206
|
"count": 5,
|
|
@@ -2133,6 +2223,16 @@
|
|
|
2133
2223
|
"incident-response-playbook"
|
|
2134
2224
|
]
|
|
2135
2225
|
},
|
|
2226
|
+
{
|
|
2227
|
+
"id": "AU-ISM-1556",
|
|
2228
|
+
"count": 4,
|
|
2229
|
+
"skills": [
|
|
2230
|
+
"decompression-dos",
|
|
2231
|
+
"multitenancy-isolation",
|
|
2232
|
+
"sector-telecom",
|
|
2233
|
+
"self-update-integrity"
|
|
2234
|
+
]
|
|
2235
|
+
},
|
|
2136
2236
|
{
|
|
2137
2237
|
"id": "FedRAMP-Rev5-Moderate",
|
|
2138
2238
|
"count": 4,
|
|
@@ -2162,26 +2262,6 @@
|
|
|
2162
2262
|
"mlops-security",
|
|
2163
2263
|
"threat-modeling-methodology"
|
|
2164
2264
|
]
|
|
2165
|
-
},
|
|
2166
|
-
{
|
|
2167
|
-
"id": "NIS2-Art21-network-security",
|
|
2168
|
-
"count": 4,
|
|
2169
|
-
"skills": [
|
|
2170
|
-
"audit-log-integrity",
|
|
2171
|
-
"mail-server-hardening",
|
|
2172
|
-
"network-trust",
|
|
2173
|
-
"self-update-integrity"
|
|
2174
|
-
]
|
|
2175
|
-
},
|
|
2176
|
-
{
|
|
2177
|
-
"id": "NIS2-Art21-patch-management",
|
|
2178
|
-
"count": 4,
|
|
2179
|
-
"skills": [
|
|
2180
|
-
"attack-surface-pentest",
|
|
2181
|
-
"kernel-lpe-triage",
|
|
2182
|
-
"ot-ics-security",
|
|
2183
|
-
"sector-energy"
|
|
2184
|
-
]
|
|
2185
2265
|
}
|
|
2186
2266
|
],
|
|
2187
2267
|
"atlas_refs": [
|
|
@@ -2298,6 +2378,26 @@
|
|
|
2298
2378
|
}
|
|
2299
2379
|
],
|
|
2300
2380
|
"attack_refs": [
|
|
2381
|
+
{
|
|
2382
|
+
"id": "T1078",
|
|
2383
|
+
"count": 14,
|
|
2384
|
+
"skills": [
|
|
2385
|
+
"age-gates-child-safety",
|
|
2386
|
+
"api-security",
|
|
2387
|
+
"attack-surface-pentest",
|
|
2388
|
+
"cloud-iam-incident",
|
|
2389
|
+
"cloud-security",
|
|
2390
|
+
"email-security-anti-phishing",
|
|
2391
|
+
"identity-assurance",
|
|
2392
|
+
"incident-response-playbook",
|
|
2393
|
+
"multitenancy-isolation",
|
|
2394
|
+
"ransomware-response",
|
|
2395
|
+
"sector-energy",
|
|
2396
|
+
"sector-financial",
|
|
2397
|
+
"sector-healthcare",
|
|
2398
|
+
"sector-telecom"
|
|
2399
|
+
]
|
|
2400
|
+
},
|
|
2301
2401
|
{
|
|
2302
2402
|
"id": "T1190",
|
|
2303
2403
|
"count": 14,
|
|
@@ -2318,25 +2418,6 @@
|
|
|
2318
2418
|
"webapp-security"
|
|
2319
2419
|
]
|
|
2320
2420
|
},
|
|
2321
|
-
{
|
|
2322
|
-
"id": "T1078",
|
|
2323
|
-
"count": 13,
|
|
2324
|
-
"skills": [
|
|
2325
|
-
"age-gates-child-safety",
|
|
2326
|
-
"api-security",
|
|
2327
|
-
"attack-surface-pentest",
|
|
2328
|
-
"cloud-iam-incident",
|
|
2329
|
-
"cloud-security",
|
|
2330
|
-
"email-security-anti-phishing",
|
|
2331
|
-
"identity-assurance",
|
|
2332
|
-
"incident-response-playbook",
|
|
2333
|
-
"ransomware-response",
|
|
2334
|
-
"sector-energy",
|
|
2335
|
-
"sector-financial",
|
|
2336
|
-
"sector-healthcare",
|
|
2337
|
-
"sector-telecom"
|
|
2338
|
-
]
|
|
2339
|
-
},
|
|
2340
2421
|
{
|
|
2341
2422
|
"id": "T1567",
|
|
2342
2423
|
"count": 7,
|
|
@@ -2352,10 +2433,11 @@
|
|
|
2352
2433
|
},
|
|
2353
2434
|
{
|
|
2354
2435
|
"id": "T1059",
|
|
2355
|
-
"count":
|
|
2436
|
+
"count": 6,
|
|
2356
2437
|
"skills": [
|
|
2357
2438
|
"ai-attack-surface",
|
|
2358
2439
|
"attack-surface-pentest",
|
|
2440
|
+
"decompression-dos",
|
|
2359
2441
|
"mcp-agent-trust",
|
|
2360
2442
|
"ransomware-response",
|
|
2361
2443
|
"webapp-security"
|
|
@@ -2371,6 +2453,16 @@
|
|
|
2371
2453
|
"supply-chain-integrity"
|
|
2372
2454
|
]
|
|
2373
2455
|
},
|
|
2456
|
+
{
|
|
2457
|
+
"id": "T1530",
|
|
2458
|
+
"count": 4,
|
|
2459
|
+
"skills": [
|
|
2460
|
+
"cloud-security",
|
|
2461
|
+
"dlp-gap-analysis",
|
|
2462
|
+
"multitenancy-isolation",
|
|
2463
|
+
"sector-healthcare"
|
|
2464
|
+
]
|
|
2465
|
+
},
|
|
2374
2466
|
{
|
|
2375
2467
|
"id": "T1556",
|
|
2376
2468
|
"count": 4,
|
|
@@ -2399,15 +2491,6 @@
|
|
|
2399
2491
|
"sector-financial"
|
|
2400
2492
|
]
|
|
2401
2493
|
},
|
|
2402
|
-
{
|
|
2403
|
-
"id": "T1530",
|
|
2404
|
-
"count": 3,
|
|
2405
|
-
"skills": [
|
|
2406
|
-
"cloud-security",
|
|
2407
|
-
"dlp-gap-analysis",
|
|
2408
|
-
"sector-healthcare"
|
|
2409
|
-
]
|
|
2410
|
-
},
|
|
2411
2494
|
{
|
|
2412
2495
|
"id": "T0855",
|
|
2413
2496
|
"count": 2,
|
|
@@ -2537,12 +2620,17 @@
|
|
|
2537
2620
|
},
|
|
2538
2621
|
"orphan_adjacent": {
|
|
2539
2622
|
"cwe_refs": [
|
|
2623
|
+
"CWE-1333",
|
|
2540
2624
|
"CWE-20",
|
|
2541
2625
|
"CWE-327",
|
|
2542
2626
|
"CWE-353",
|
|
2543
|
-
"CWE-
|
|
2627
|
+
"CWE-409",
|
|
2544
2628
|
"CWE-611",
|
|
2629
|
+
"CWE-639",
|
|
2630
|
+
"CWE-668",
|
|
2631
|
+
"CWE-776",
|
|
2545
2632
|
"CWE-778",
|
|
2633
|
+
"CWE-834",
|
|
2546
2634
|
"CWE-93"
|
|
2547
2635
|
],
|
|
2548
2636
|
"d3fend_refs": [
|
|
@@ -2576,6 +2664,7 @@
|
|
|
2576
2664
|
"Insurance-Carrier-24h-Notification",
|
|
2577
2665
|
"NIS2-Annex-I-Telecom",
|
|
2578
2666
|
"NIST-800-53-AC-2-Cross-Account",
|
|
2667
|
+
"NIST-800-53-AC-3",
|
|
2579
2668
|
"NIST-800-53-SI-12",
|
|
2580
2669
|
"NIST-800-53-SR-11",
|
|
2581
2670
|
"OFAC-SDN-Payment-Block",
|
|
@@ -2734,14 +2823,12 @@
|
|
|
2734
2823
|
"CWE-601",
|
|
2735
2824
|
"CWE-613",
|
|
2736
2825
|
"CWE-614",
|
|
2737
|
-
"CWE-639",
|
|
2738
2826
|
"CWE-640",
|
|
2739
2827
|
"CWE-641",
|
|
2740
2828
|
"CWE-642",
|
|
2741
2829
|
"CWE-643",
|
|
2742
2830
|
"CWE-648",
|
|
2743
2831
|
"CWE-667",
|
|
2744
|
-
"CWE-668",
|
|
2745
2832
|
"CWE-669",
|
|
2746
2833
|
"CWE-680",
|
|
2747
2834
|
"CWE-693",
|
|
@@ -2753,13 +2840,10 @@
|
|
|
2753
2840
|
"CWE-755",
|
|
2754
2841
|
"CWE-759",
|
|
2755
2842
|
"CWE-760",
|
|
2756
|
-
"CWE-770",
|
|
2757
2843
|
"CWE-772",
|
|
2758
|
-
"CWE-776",
|
|
2759
2844
|
"CWE-779",
|
|
2760
2845
|
"CWE-807",
|
|
2761
2846
|
"CWE-822",
|
|
2762
|
-
"CWE-834",
|
|
2763
2847
|
"CWE-835",
|
|
2764
2848
|
"CWE-843",
|
|
2765
2849
|
"CWE-88",
|
|
@@ -3451,7 +3535,6 @@
|
|
|
3451
3535
|
"NIST-800-218-SSDF-PO.4.2",
|
|
3452
3536
|
"NIST-800-218-SSDF-PW.4",
|
|
3453
3537
|
"NIST-800-218-SSDF-PW.7.1",
|
|
3454
|
-
"NIST-800-53-AC-3",
|
|
3455
3538
|
"NIST-800-53-AC-6",
|
|
3456
3539
|
"NIST-800-53-AU-9",
|
|
3457
3540
|
"NIST-800-53-CM-3",
|
|
@@ -12,6 +12,7 @@
|
|
|
12
12
|
"compliance-theater",
|
|
13
13
|
"container-runtime-security",
|
|
14
14
|
"coordinated-vuln-disclosure",
|
|
15
|
+
"decompression-dos",
|
|
15
16
|
"defensive-countermeasure-mapping",
|
|
16
17
|
"dlp-gap-analysis",
|
|
17
18
|
"email-security-anti-phishing",
|
|
@@ -26,6 +27,7 @@
|
|
|
26
27
|
"mail-server-hardening",
|
|
27
28
|
"mcp-agent-trust",
|
|
28
29
|
"mlops-security",
|
|
30
|
+
"multitenancy-isolation",
|
|
29
31
|
"network-trust",
|
|
30
32
|
"ot-ics-security",
|
|
31
33
|
"policy-exception-gen",
|
|
@@ -523,7 +525,9 @@
|
|
|
523
525
|
"mail-server-hardening": [],
|
|
524
526
|
"network-trust": [],
|
|
525
527
|
"audit-log-integrity": [],
|
|
526
|
-
"self-update-integrity": []
|
|
528
|
+
"self-update-integrity": [],
|
|
529
|
+
"multitenancy-isolation": [],
|
|
530
|
+
"decompression-dos": []
|
|
527
531
|
},
|
|
528
532
|
"in_degree": {
|
|
529
533
|
"age-gates-child-safety": 1,
|
|
@@ -538,6 +542,7 @@
|
|
|
538
542
|
"compliance-theater": 30,
|
|
539
543
|
"container-runtime-security": 4,
|
|
540
544
|
"coordinated-vuln-disclosure": 12,
|
|
545
|
+
"decompression-dos": 0,
|
|
541
546
|
"defensive-countermeasure-mapping": 18,
|
|
542
547
|
"dlp-gap-analysis": 15,
|
|
543
548
|
"email-security-anti-phishing": 6,
|
|
@@ -552,6 +557,7 @@
|
|
|
552
557
|
"mail-server-hardening": 0,
|
|
553
558
|
"mcp-agent-trust": 22,
|
|
554
559
|
"mlops-security": 6,
|
|
560
|
+
"multitenancy-isolation": 0,
|
|
555
561
|
"network-trust": 0,
|
|
556
562
|
"ot-ics-security": 4,
|
|
557
563
|
"policy-exception-gen": 16,
|
|
@@ -587,6 +593,7 @@
|
|
|
587
593
|
"compliance-theater": 12,
|
|
588
594
|
"container-runtime-security": 18,
|
|
589
595
|
"coordinated-vuln-disclosure": 12,
|
|
596
|
+
"decompression-dos": 0,
|
|
590
597
|
"defensive-countermeasure-mapping": 6,
|
|
591
598
|
"dlp-gap-analysis": 4,
|
|
592
599
|
"email-security-anti-phishing": 6,
|
|
@@ -601,6 +608,7 @@
|
|
|
601
608
|
"mail-server-hardening": 0,
|
|
602
609
|
"mcp-agent-trust": 7,
|
|
603
610
|
"mlops-security": 10,
|
|
611
|
+
"multitenancy-isolation": 0,
|
|
604
612
|
"network-trust": 0,
|
|
605
613
|
"ot-ics-security": 14,
|
|
606
614
|
"policy-exception-gen": 0,
|
|
@@ -13,6 +13,7 @@
|
|
|
13
13
|
"compliance-theater",
|
|
14
14
|
"container-runtime-security",
|
|
15
15
|
"coordinated-vuln-disclosure",
|
|
16
|
+
"decompression-dos",
|
|
16
17
|
"defensive-countermeasure-mapping",
|
|
17
18
|
"dlp-gap-analysis",
|
|
18
19
|
"email-security-anti-phishing",
|
|
@@ -27,6 +28,7 @@
|
|
|
27
28
|
"mail-server-hardening",
|
|
28
29
|
"mcp-agent-trust",
|
|
29
30
|
"mlops-security",
|
|
31
|
+
"multitenancy-isolation",
|
|
30
32
|
"network-trust",
|
|
31
33
|
"ot-ics-security",
|
|
32
34
|
"policy-exception-gen",
|
|
@@ -50,7 +52,7 @@
|
|
|
50
52
|
"zeroday-gap-learn"
|
|
51
53
|
],
|
|
52
54
|
"example_excerpts": {},
|
|
53
|
-
"skill_count":
|
|
55
|
+
"skill_count": 49
|
|
54
56
|
},
|
|
55
57
|
"UK": {
|
|
56
58
|
"skills": [
|
|
@@ -65,6 +67,7 @@
|
|
|
65
67
|
"compliance-theater",
|
|
66
68
|
"container-runtime-security",
|
|
67
69
|
"coordinated-vuln-disclosure",
|
|
70
|
+
"decompression-dos",
|
|
68
71
|
"defensive-countermeasure-mapping",
|
|
69
72
|
"dlp-gap-analysis",
|
|
70
73
|
"email-security-anti-phishing",
|
|
@@ -78,6 +81,7 @@
|
|
|
78
81
|
"kernel-lpe-triage",
|
|
79
82
|
"mcp-agent-trust",
|
|
80
83
|
"mlops-security",
|
|
84
|
+
"multitenancy-isolation",
|
|
81
85
|
"network-trust",
|
|
82
86
|
"ot-ics-security",
|
|
83
87
|
"policy-exception-gen",
|
|
@@ -101,7 +105,7 @@
|
|
|
101
105
|
"zeroday-gap-learn"
|
|
102
106
|
],
|
|
103
107
|
"example_excerpts": {},
|
|
104
|
-
"skill_count":
|
|
108
|
+
"skill_count": 47
|
|
105
109
|
},
|
|
106
110
|
"AU": {
|
|
107
111
|
"skills": [
|
|
@@ -116,6 +120,7 @@
|
|
|
116
120
|
"compliance-theater",
|
|
117
121
|
"container-runtime-security",
|
|
118
122
|
"coordinated-vuln-disclosure",
|
|
123
|
+
"decompression-dos",
|
|
119
124
|
"defensive-countermeasure-mapping",
|
|
120
125
|
"dlp-gap-analysis",
|
|
121
126
|
"email-security-anti-phishing",
|
|
@@ -129,6 +134,7 @@
|
|
|
129
134
|
"kernel-lpe-triage",
|
|
130
135
|
"mcp-agent-trust",
|
|
131
136
|
"mlops-security",
|
|
137
|
+
"multitenancy-isolation",
|
|
132
138
|
"ot-ics-security",
|
|
133
139
|
"policy-exception-gen",
|
|
134
140
|
"pqc-first",
|
|
@@ -150,7 +156,7 @@
|
|
|
150
156
|
"zeroday-gap-learn"
|
|
151
157
|
],
|
|
152
158
|
"example_excerpts": {},
|
|
153
|
-
"skill_count":
|
|
159
|
+
"skill_count": 45
|
|
154
160
|
},
|
|
155
161
|
"SG": {
|
|
156
162
|
"skills": [
|