Introduction
Defines maps different security standards into a unified set of security requirements and vulnerabilities used by Fluid Attacks.
Defines is published in a machine-readable YAML format and is used by:
Public Oath
Fluid Attacks will publish a machine-readable YAML file that contains the security requirements and vulnerabilities that Fluid Attacks uses to evaluate the security of a system.
Architecture
- Defines is managed as code using YAML documents in order to make the information easily accessible to automated programs.
- When a developer changes the data, a pipeline that validates it against a given JSON schema is triggered.
- Other software can import Defines data directly. Note that, for instance, Docs consumes this information and transforms it into the online version of Defines.
Contributing
Please read the contributing page first.
Tip
Have an idea to simplify our architecture or noticed docs that could use some love? Don't hesitate to open an issue or submit improvements.