Usage of published_timestamp
#2
Comments
|
I would tend to agree with you if we were expecting data to published. In many cases, there are many automatic event adding vulnerability attributes with a timestamp which is the closer timestamp to the actual sighting. Maybe we could have the option in the tool to decide what to take depending of the use-case. |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
https://github.com/MISP/VulnerabilityLookupSighting/blob/cf3a1cd89b8416685942a72612f800c3308a981e/vulnerabilitylookupsighting/publish.py#L99
I'd rather use
published_timestampto only feed data that has been published. Generally, published data should be considered with a higher confidence level than non-published one.The text was updated successfully, but these errors were encountered: