AdvisoryHub: Design and Evaluation of a Cross-Platform Security Advisory System for Cyber Situational Awareness
Computer Emergency Response Teams (CERTs) provide advisory, preventive, and reactive cybersecurity services for authorities, citizens, and businesses. However, their responsibility of establishing cyber situational awareness by monitoring and analyzing security advisories and vulnerabilities has become challenging due to the growing volume of information disseminated through public channels. Thus, this paper analyzes semi-structured interviews (N=17) with CERT employees to identify user requirements, which are translated into the design of a system for automatically retrieving and extracting security advisory documents from Common Security Advisory Framework (CSAF), HTML, and RSS sources. The evaluation using a CERT-based list of trusted security advisory sources (N=53) shows that the developed system can retrieve 90% of the published advisory documents, which is a significant improvement over systems only relying on the retrieval from RSS feeds (30%).
This repository contains an appendix with additional information and the source code of AdvisoryHub, which was published and presented at the 20th International Conference on Availability, Reliability and Security (ARES 2025).
If you chose to use any of the techniques or the code itself, please cite the following paper.
@inproceedings{kaufholdAdvisoryHubDesignEvaluation2025,
address = {Ghent, Belgium},
doi = {10.1007/978-3-032-00627-1_3},
title = {{AdvisoryHub}: {Design} and {Evaluation} of a {Cross}-{Platform} {Security} {Advisory} {System} for {Cyber} {Situational} {Awareness}},
language = {en},
booktitle = {Proceedings of the 20th {International} {Conference} on {Availability}, {Reliability} and {Security} ({ARES} 2025)},
author = {Kaufhold, Marc-André and Bäumler, Julian and Koukal, Nicolai and Reuter, Christian},
year = {2025}
}