fleet/server/vulnerabilities/nvd/README.md

Testing CPE Translations

To improve accuracy when mapping software to CVEs, we can add data to cpe_translations.json, which will get picked up by the NVD repo.

To test these changes locally, you can:

  1. make the appropriate changes to cpe_translations.json

  2. host this file on a local web server

    ./tools/file-server 8082 ./server/vulnerabilities/nvd/cpe_translations.json
    
  3. (re)launch your local fleet server with the following --config

    vulnerabilities:
      cpe_translations_url: "http://localhost:8082/cpe_translations.json"
    
  4. trigger the vulnerabilities scan

    fleetctl trigger --name vulnerabilities