{"id":31956117,"url":"https://github.com/cisagov/cyhy-kevsync-lambda","last_synced_at":"2025-10-14T14:47:59.304Z","repository":{"id":166226425,"uuid":"628100826","full_name":"cisagov/cyhy-kevsync-lambda","owner":"cisagov","description":"A Lambda to import Known Exploited Vulnerabilities (KEV) data into a Cyber Hygiene database","archived":false,"fork":false,"pushed_at":"2024-10-25T14:57:11.000Z","size":592,"stargazers_count":3,"open_issues_count":3,"forks_count":0,"subscribers_count":7,"default_branch":"develop","last_synced_at":"2024-12-25T06:06:25.712Z","etag":null,"topics":["exploited","kev","vulnerabilities","vulnerability"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cisagov.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-04-14T23:18:32.000Z","updated_at":"2024-12-16T15:27:30.000Z","dependencies_parsed_at":"2024-09-12T06:34:01.726Z","dependency_job_id":"cf0c7e6f-9ea0-4146-abef-b55bee5f583c","html_url":"https://github.com/cisagov/cyhy-kevsync-lambda","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/cisagov/cyhy-kevsync-lambda","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisagov%2Fcyhy-kevsync-lambda","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisagov%2Fcyhy-kevsync-lambda/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisagov%2Fcyhy-kevsync-lambda/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisagov%2Fcyhy-kevsync-lambda/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cisagov","download_url":"https://codeload.github.com/cisagov/cyhy-kevsync-lambda/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cisagov%2Fcyhy-kevsync-lambda/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279019159,"owners_count":26086685,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-14T02:00:06.444Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["exploited","kev","vulnerabilities","vulnerability"],"created_at":"2025-10-14T14:47:44.671Z","updated_at":"2025-10-14T14:47:59.296Z","avatar_url":"https://github.com/cisagov.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# cyhy-kevsync-lambda #\n\n[![GitHub Build Status](https://github.com/cisagov/cyhy-kevsync-lambda/workflows/build/badge.svg)](https://github.com/cisagov/cyhy-kevsync-lambda/actions)\n\nThis Lambda is designed to retrieve the [CISA Known Exploited Vulnerabilities Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog)\n[JSON version](https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities_schema.json)\nand import the CVE IDs into a MongoDB collection.\n\n## Lambda configuration ##\n\nThis Lambda supports the following Lambda environment variables in its\ndeployment configuration:\n\n| Name | Description | Type | Default | Required |\n| ---- | ----------- | ---- | ------- | -------- |\n| `CYHY_CONFIG_PATH` | The path to the configuration file. | `string` | The default search behavior is used if this variable is not provided. | no |\n| `CYHY_CONFIG_SSM_PATH` | The AWS SSM Parameter Store key that contains the configuration file. | `string` | SSM will not be accessed if this variable is not provided. | no |\n| `CYHY_LOG_LEVEL` | The logging level for the Lambda. | `string` | `INFO` | no |\n\n## Building the base Lambda image ##\n\nThe base Lambda image can be built with the following command:\n\n```console\ndocker compose build\n```\n\nThis base image is used both to build a deployment package and to run the\nLambda locally.\n\n## Building a deployment package ##\n\nYou can build a deployment zip file to use when creating a new AWS Lambda\nfunction with the following command:\n\n```console\ndocker compose up build_deployment_package\n```\n\nThis will output the deployment zip file in the root directory.\n\n## Testing the Lambda locally ##\n\nCreate a configuration file named `cyhy-mine.toml` in the repository root with\nthe following content:\n\n```toml\n[kevsync]\ndb_auth_uri = \"mongodb://username:password@host.docker.internal:27018/cyhy\"\ndb_name = \"cyhy\"\njson_url = \"https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json\"\nlog_level = \"DEBUG\"\nschema_url = \"https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities_schema.json\"\n```\n\nStart the Lambda locally with the following command:\n\n```console\ndocker compose up run_lambda_locally\n```\n\nThe Lambda can be invoked by sending a POST request to the local endpoint:\n\n```console\ncurl \"http://localhost:9000/2015-03-31/functions/function/invocations\" \\\n     --data '{}'\n```\n\n## How to update Python dependencies ##\n\nThe Python dependencies are maintained using a [Pipenv](https://github.com/pypa/pipenv)\nconfiguration for each supported Python version. Changes to requirements\nshould be made to the respective `src/py\u003cPython version\u003e/Pipfile`. More\ninformation about the `Pipfile` format can be found [here](https://pipenv.pypa.io/en/latest/basics/#example-pipfile-pipfile-lock).\nThe accompanying `Pipfile.lock` files contain the specific dependency versions\nthat will be installed. These files can be updated like so (using the Python\n3.12 configuration as an example):\n\n```console\ncd src/py3.12\npipenv lock\n```\n\n## Contributing ##\n\nWe welcome contributions!  Please see [`CONTRIBUTING.md`](CONTRIBUTING.md) for\ndetails.\n\n## License ##\n\nThis project is in the worldwide [public domain](LICENSE).\n\nThis project is in the public domain within the United States, and\ncopyright and related rights in the work worldwide are waived through\nthe [CC0 1.0 Universal public domain\ndedication](https://creativecommons.org/publicdomain/zero/1.0/).\n\nAll contributions to this project will be released under the CC0\ndedication. By submitting a pull request, you are agreeing to comply\nwith this waiver of copyright interest.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcisagov%2Fcyhy-kevsync-lambda","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcisagov%2Fcyhy-kevsync-lambda","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcisagov%2Fcyhy-kevsync-lambda/lists"}