Anthropic-Cybersecurity-Skills/skills/implementing-vulnerability-remediation-sla/references/api-reference.md
mukul975 c47eed6a64 Production hardening: security fixes, code quality, 724 skills complete
- Fix 25 shell=True subprocess calls with list-based commands
- Fix 49 verify=False in defensive skills (env-var override)
- Add timeout to 231 HTTP/subprocess/socket calls
- Fix 6 SQL injection patterns with whitelist validation
- Replace 8 __import__() with standard imports
- Remove 701 unused imports across 442 files
- Add authorized-testing disclaimers to all offensive skills
- Complete 11 incomplete skill directories
- Expand 10 stub SKILL.md files with full content
- Fix 2 YAML parse errors in frontmatter
- Fix 5 pre-existing syntax errors
- Convert 22 hardcoded paths/ports to environment variables
- Back up 21 redundant skill pairs to .bak
- Fix 2 global declaration errors
- 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE)
- 0 compile errors across all 724 agent.py files
2026-03-19 13:26:49 +01:00


API Reference: Vulnerability Remediation SLA Tracking

Libraries Used

| Library | Purpose |
|---|---|
| requests | Fetch vulnerability data from scanner APIs |
| json | Parse vulnerability and asset data |
| datetime | Calculate SLA deadlines, time-to-remediation |
| csv | Export SLA compliance reports |

Installation

pip install requests

SLA Tiers

| Severity | CVSS Range | SLA Deadline | Description |
|---|---|---|---|
| Critical | 9.0 - 10.0 | 24 hours | Actively exploited or trivially exploitable |
| High | 7.0 - 8.9 | 72 hours | Remote code execution, privilege escalation |
| Medium | 4.0 - 6.9 | 30 days | Requires user interaction or local access |
| Low | 0.1 - 3.9 | 90 days | Informational, minimal impact |

Core Operations

Define SLA Configuration

from datetime import datetime, timedelta

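# Remediation window allowed for each severity label (keys are lower-case).
SLA_TIERS = {
    "critical": timedelta(hours=24),
    "high": timedelta(hours=72),
    "medium": timedelta(days=30),
    "low": timedelta(days=90),
}

# Window applied when a severity label is not a key of SLA_TIERS.
# NOTE(review): this fallback is the longest window, so an unrecognised or
# misspelled label silently receives the most lenient deadline. Callers that
# need fail-closed behaviour should validate the label against SLA_TIERS
# before calling get_sla_deadline.
_FALLBACK_SLA_WINDOW = timedelta(days=90)


def get_sla_deadline(severity, discovery_date):
    """Return the remediation deadline for a finding.

    Args:
        severity: Severity label such as "critical" or "High". Matching is
            case-insensitive and ignores surrounding whitespace, so a padded
            label from a CSV or scanner export still maps to its own tier
            instead of dropping to the fallback window.
        discovery_date: ``datetime`` at which the finding was discovered.

    Returns:
        ``discovery_date`` plus the SLA window of the matching tier, or plus
        the 90-day fallback window when the label is not in ``SLA_TIERS``.
    """
    tier = severity.strip().lower()
    return discovery_date + SLA_TIERS.get(tier, _FALLBACK_SLA_WINDOW)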

Calculate SLA Status for a Vulnerability

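def calculate_sla_status(vuln):
    """Classify one vulnerability record against its SLA deadline.

    Args:
        vuln: Mapping with the keys "cve", "severity" and "discovery_date"
            (ISO 8601 string), plus an optional "remediated_date" (ISO 8601
            string).

    Returns:
        A dict with "cve", "status", "severity" and "deadline". Remediated
        records also carry "met_sla" and "time_to_remediate_hours"; open and
        overdue records carry "hours_remaining" and "hours_overdue".

    Raises:
        KeyError: If a required key is missing from ``vuln``.
        ValueError: If a date string is not valid ISO 8601.
    """
    discovery = datetime.fromisoformat(vuln["discovery_date"])
    deadline = get_sla_deadline(vuln["severity"], discovery)

    if vuln.get("remediated_date"):
        remediated = datetime.fromisoformat(vuln["remediated_date"])
        return {
            "cve": vuln["cve"],
            "status": "remediated",
            # Reported for remediated records too, so every status shape
            # carries the tier and the deadline it was judged against.
            "severity": vuln["severity"],
            "deadline": deadline.isoformat(),
            "met_sla": remediated <= deadline,
            "time_to_remediate_hours": (remediated - discovery).total_seconds() / 3600,
        }

    # Take the current time in the deadline's own timezone. With a naive
    # datetime.now(), a discovery date that carries a UTC offset made the
    # comparison below raise TypeError; tzinfo=None still yields naive local
    # time for naive input.
    now = datetime.now(tz=deadline.tzinfo)
    overdue = now > deadline
    hours_remaining = (deadline - now).total_seconds() / 3600 if not overdue else 0
    hours_overdue = (now - deadline).total_seconds() / 3600 if overdue else 0

    return {
        "cve": vuln["cve"],
        "status": "overdue" if overdue else "open",
        "severity": vuln["severity"],
        "deadline": deadline.isoformat(),
        "hours_remaining": round(hours_remaining, 1),
        "hours_overdue": round(hours_overdue, 1),
    }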

Fetch Vulnerabilities from Tenable

import requests
import os

# Base URL of the Tenable cloud API.
TENABLE_URL = "https://cloud.tenable.com"

# Both API keys are read from the environment when this module is loaded; a
# missing variable raises KeyError immediately. The assembled header value
# contains the secret key, so keep `headers` out of logs and error reports.
_access_key = os.environ["TENABLE_ACCESS_KEY"]
_secret_key = os.environ["TENABLE_SECRET_KEY"]
headers = {"X-ApiKeys": f"accessKey={_access_key};secretKey={_secret_key}"}

def get_open_vulnerabilities():
    """Fetch vulnerabilities from the Tenable workbench endpoint.

    Sends one GET to ``/workbenches/vulnerabilities`` with a 90-day date
    range and a severity filter value of "4,3", using a 60-second timeout.

    NOTE(review): presumably 4 and 3 are Tenable's critical and high levels;
    confirm against the API documentation. The records returned here are not
    shown to carry the "cve", "discovery_date" or string "severity" keys that
    calculate_sla_status reads; confirm whether a mapping step is needed.

    Returns:
        The "vulnerabilities" list from the JSON response, or an empty list
        when that key is absent.

    Raises:
        requests.HTTPError: If the response status is an error status.
    """
    endpoint = f"{TENABLE_URL}/workbenches/vulnerabilities"
    query = {
        "date_range": 90,
        "filter.0.filter": "severity",
        "filter.0.value": "4,3",
    }
    response = requests.get(endpoint, headers=headers, params=query, timeout=60)
    response.raise_for_status()
    payload = response.json()
    return payload.get("vulnerabilities", [])

Generate SLA Compliance Report

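def generate_sla_report(vulnerabilities):
    """Aggregate per-vulnerability SLA status into one compliance report.

    Args:
        vulnerabilities: Sequence of records accepted by
            ``calculate_sla_status``.

    Returns:
        A dict with "report_date", "total", "by_status", "by_severity",
        "sla_compliance_rate" (percent), "overdue_vulns" and
        "mean_time_to_remediate" (hours per severity). The compliance rate is
        the share of remediated-within-SLA records among remediated plus
        overdue records; records still open inside their window are not
        counted either way.
    """
    report = {
        # Matches the "report_date" field of the documented output format.
        "report_date": datetime.now().date().isoformat(),
        "total": len(vulnerabilities),
        "by_status": {"open": 0, "overdue": 0, "remediated": 0},
        "by_severity": {"critical": 0, "high": 0, "medium": 0, "low": 0},
        "sla_compliance_rate": 0.0,
        "overdue_vulns": [],
        "mean_time_to_remediate": {},
    }

    remediated_times = {"critical": [], "high": [], "medium": [], "low": []}
    met_sla = 0

    for vuln in vulnerabilities:
        # Evaluate each record once: a second evaluation reads the clock
        # again and could classify a record differently near its deadline.
        status = calculate_sla_status(vuln)
        state = status["status"]
        sev = vuln["severity"].strip().lower()

        report["by_status"][state] += 1
        # Count labels outside the four tiers under their own key instead of
        # aborting the whole report with KeyError; get_sla_deadline already
        # tolerates such labels.
        report["by_severity"][sev] = report["by_severity"].get(sev, 0) + 1

        if state == "overdue":
            report["overdue_vulns"].append(status)
        elif state == "remediated":
            remediated_times.setdefault(sev, []).append(status["time_to_remediate_hours"])
            if status["met_sla"]:
                met_sla += 1

    total_with_deadline = report["by_status"]["remediated"] + report["by_status"]["overdue"]
    if total_with_deadline > 0:
        report["sla_compliance_rate"] = round(met_sla / total_with_deadline * 100, 1)

    for sev, times in remediated_times.items():
        if times:
            report["mean_time_to_remediate"][sev] = round(sum(times) / len(times), 1)

    return report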

Output Format

{
  "report_date": "2025-01-15",
  "total": 245,
  "by_status": {"open": 180, "overdue": 23, "remediated": 42},
  "by_severity": {"critical": 5, "high": 28, "medium": 112, "low": 100},
  "sla_compliance_rate": 87.5,
  "mean_time_to_remediate": {
    "critical": 18.5,
    "high": 52.3,
    "medium": 480.0,
    "low": 1200.0
  },
  "overdue_vulns": [
    {
      "cve": "CVE-2024-21887",
      "severity": "critical",
      "hours_overdue": 48.5,
      "deadline": "2025-01-13T10:00:00"
    }
  ]
}