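// Implementation example

/** One vulnerability advisory as fed to the gate: identifier, CVSS score and EPSS probability. */
type Advisory = { cve: string; cvss: number; epss: number };

/** Gate policy: one weight per signal, plus the score thresholds for blocking and warning. */
type Policy = { wCvss: number; wEpss: number; block: number; warn: number };

/**
 * Checks that a CVSS score is a finite number in [0, 10].
 *
 * @param s - Score to check.
 * @returns `true` when the score is usable.
 */
function validCvss(s: number): boolean {
  return Number.isFinite(s) && s >= 0 && s <= 10;
}

/**
 * Checks that an EPSS value is a finite probability in [0, 1].
 *
 * @param p - Probability to check.
 * @returns `true` when the value is usable.
 */
function validEpss(p: number): boolean {
  return Number.isFinite(p) && p >= 0 && p <= 1;
}

/**
 * Checks that every weight and threshold of a policy is a finite number.
 *
 * A NaN or missing field makes every `>=` comparison in the gate false, which
 * would route each advisory to `passed`; callers use this to fail closed instead.
 *
 * @param p - Policy to check.
 * @returns `true` when all four fields are finite numbers.
 */
function validPolicy(p: Policy): boolean {
  return [p.wCvss, p.wEpss, p.block, p.warn].every((v) => Number.isFinite(v));
}

/**
 * Computes the weighted risk score of an advisory.
 *
 * EPSS is multiplied by 10 so that both terms share the 0-10 range before weighting.
 *
 * @param a - Advisory to score.
 * @param p - Policy supplying the weights.
 * @returns `cvss * wCvss + epss * 10 * wEpss`.
 */
function score(a: Advisory, p: Policy): number {
  return a.cvss * p.wCvss + a.epss * 10 * p.wEpss;
}

/**
 * Sorts advisories into blocked, warned and passed buckets, preserving input order.
 *
 * The gate fails closed: an advisory is blocked when its CVSS or EPSS value is
 * out of range, when the policy contains a non-finite weight or threshold, or
 * when the resulting score is not finite. Otherwise it is blocked at
 * `score >= block`, warned at `score >= warn`, and passed below that.
 *
 * @param list - Advisories to evaluate.
 * @param p - Weights and thresholds.
 * @returns The three buckets.
 */
function evaluate(
  list: Advisory[],
  p: Policy,
): { blocked: Advisory[]; warned: Advisory[]; passed: Advisory[] } {
  const blocked: Advisory[] = [];
  const warned: Advisory[] = [];
  const passed: Advisory[] = [];
  // Checked once: a malformed policy must never let anything through.
  const policyOk = validPolicy(p);

  for (const a of list) {
    if (!policyOk || !validCvss(a.cvss) || !validEpss(a.epss)) {
      blocked.push(a);
      continue;
    }
    const s = score(a, p);
    // Extreme weights can still overflow; -Infinity would otherwise compare below both thresholds.
    if (!Number.isFinite(s) || s >= p.block) {
      blocked.push(a);
    } else if (s >= p.warn) {
      warned.push(a);
    } else {
      passed.push(a);
    }
  }
  return { blocked, warned, passed };
}

// Audit and CI gating: record the risk score and the decision; blocked items fail
// the pipeline directly; warned items enter a gray-release (canary) window for
// handling. Changes to weights and thresholds require approval and regression
// verification.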
