Skip to content

Add osquery nvd owasp docs#185

Open
kerberosmansour wants to merge 6 commits intoandrewyng:mainfrom
kerberosmansour:add-osquery-nvd-owasp-docs
Open

Add osquery nvd owasp docs#185
kerberosmansour wants to merge 6 commits intoandrewyng:mainfrom
kerberosmansour:add-osquery-nvd-owasp-docs

Conversation

@kerberosmansour
Copy link

@kerberosmansour kerberosmansour commented Mar 22, 2026

Adds 5 new Context Hub entries covering security-focused references for endpoint monitoring, vulnerability databases, and application security standards.

New entries

Entry Path Version Source
`osquery/osquery` `content/osquery/docs/osquery/` 5.13.1 osquery.readthedocs.io
`nist/nvd-cve-api` `content/nist/docs/nvd-cve-api/` 2.0 nvd.nist.gov/developers/vulnerabilities
`nist/nvd-cpe-api` `content/nist/docs/nvd-cpe-api/` 2.0 nvd.nist.gov/developers/products
`owasp/asvs` `content/owasp/docs/asvs/v5/` 5.0.0 owasp.org ASVS
`owasp/samm` `content/owasp/docs/samm/v2/` 2.0 owaspsamm.org

What's included

  • osquery — osqueryi shell, high-value tables, query patterns, SQL extensions. 3 reference files (schema, shell usage, security queries).
  • NVD CVE API — Filters, pagination, rate limits, API key, incremental sync, curl examples. 2 reference files (pagination/rate-limits, Change History API).
  • NVD CPE API — CPE names vs match strings, CPE + Match Criteria APIs. 2 reference files (match API deep-dive, CPE 2.3 format).
  • OWASP ASVS v5 — Requirement structure, referencing format (`v5.0.0-X.Y.Z`), finding mapping, verification levels. 2 reference files (v4→v5 crosswalk, CSV/JSON tooling).
  • OWASP SAMM v2 — 5 business functions / 15 practices, assessment workflow, target-setting. 2 reference files (practice/stream/level detail, interview-based assessment).

Structure

Versioned subdirectories for ASVS (v5/) and SAMM (v2/), separate author dirs (`osquery/`, `nist/`, `owasp/`), concise DOC.md files with deeper material in `references/`.

Validation

```
$ node cli/bin/chub build content/ --validate-only
Valid: 1558 docs, 7 skills, 2 warnings
```

No new warnings. 2 pre-existing warnings are unrelated.

Sources

All content from official documentation:

  • osquery: osquery.readthedocs.io, osquery.io/schema
  • NVD: nvd.nist.gov/developers
  • ASVS: owasp.org, github.com/OWASP/ASVS
  • SAMM: owaspsamm.org

@kerberosmansour
Add runbook template to .gitignore
e1248b8
@kerberosmansour
Add documentation for NVD CVE API and osquery
bd7c5ca 
- Introduced NVD CVE API v2.0 documentation, detailing usage, pagination, filters, and examples for querying vulnerabilities.
- Added CVE Change History API reference to track changes in CVE records.
- Created a guide on pagination and rate limits for NVD API usage.
- Added comprehensive documentation for osquery, including usage patterns, high-value tables, and common query examples.
- Included references for osqueryi shell usage, query patterns for security-focused incident response, and schema and tables.
@kerberosmansour
Add CPE Match API documentation for match criteria and version handling
d615cf6
@kerberosmansour
Add detailed documentation for CPE 2.3 format and match strings
771e7fd
@kerberosmansour
Add OWASP ASVS v5 documentation and machine-readable assets
aa38f65
@kerberosmansour
Add SAMM quick start and assessment guide with detailed phases and ch…
eb13be9 
…ecklists
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kerberosmansour