Change Log

Weekly Software Update: Maturing CVE & Reporting Capabilities

Review the software updates for Nov 21-28, 2024. This week focused on enhancing our recently launched CVE scanning and reporting services, including full report generation and data processing pipelines.

-

Weekly Update (November 21 - November 28, 2024)

This week, our development efforts were concentrated on maturing the CVE scanning and SLA reporting services that were recently brought online. We're focused on building out their core functionalities to provide valuable insights.

Service Enhancements & Feature Rollout:

  • CVE Scanning (cve-scans, cve-scans-etl):
    • Full report generation lifecycle for cve-scans is now active. Scans initiated by cve-scans now have their results fully processed by cve-scans-etl, leading to the generation and storage of comprehensive CVE reports (JSON/PDF) in S3.
    • Integration with ai-llm for initial AI-assisted analysis (e.g., mitigation suggestions) is being established within the cve-scans service.
    • Billing checks with the auth service for scan operations are now being integrated.
  • SLA Reporting (reports):
    • The reports service can now generate complete SLA reports in both PDF (via pdf-generator) and JSON formats, storing them on S3.
    • Data fetching from faults, metrics, and schedules services is now robust, allowing for accurate SLA calculations.
    • Notification dispatch via messenger upon report completion is now active.

We continuously work on improving our services, and any deployed changes will be reflected in future changelog summaries.