Description
The configuration option GTI_VULNERABILITY_GET_RELATED_SOFTWARES exists and defaults to False. When enabled, it is unclear whether it fully covers all affected software data from GTI's "Products and Fixes" section.
Expected Behavior
When GTI_VULNERABILITY_GET_RELATED_SOFTWARES=True, the connector should ingest all affected software entries from the GTI API's vulnerability data, including product names, versions, and fix availability, and model them as appropriate STIX objects (Software) with relationships to the Vulnerability.
Current Behavior
The config flag exists but:
- It defaults to
False, so affected software is not ingested out of the box
- It has not been validated whether enabling it covers the full scope of GTI's "Products and Fixes" data
Action Needed
- Validate that enabling the flag ingests all affected software from GTI
- If coverage is incomplete, extend the ingestion logic
- Consider whether the default should be
True
Component
external-import/google-threat-intelligence
Description
The configuration option
GTI_VULNERABILITY_GET_RELATED_SOFTWARESexists and defaults toFalse. When enabled, it is unclear whether it fully covers all affected software data from GTI's "Products and Fixes" section.Expected Behavior
When
GTI_VULNERABILITY_GET_RELATED_SOFTWARES=True, the connector should ingest all affected software entries from the GTI API's vulnerability data, including product names, versions, and fix availability, and model them as appropriate STIX objects (Software) with relationships to the Vulnerability.Current Behavior
The config flag exists but:
False, so affected software is not ingested out of the boxAction Needed
TrueComponent
external-import/google-threat-intelligence