Platform Documentation

Complete guide to using the Schutz AI CVE Intelligence Platform

1. Getting Started

Access Request Process

The platform requires approval for access to ensure security and proper usage:

  1. Visit the homepage and complete the access request form
  2. Provide your professional information and use case
  3. Wait for admin approval (typically 24-48 hours)
  4. Receive email notification of approval status
  5. Log in with your credentials to access the platform

Required Information

  • Full name and professional email
  • Organization affiliation
  • Security role (Analyst, Engineer, Manager, etc.)
  • Intended use case for the platform

2. User Journey

Step 1: Dashboard Access

After approval and login, users reach the main dashboard, which displays recent searches, platform statistics, and the CVE search interface.

Step 2: CVE Search

Enter a CVE identifier (e.g., CVE-2024-1234) to initiate comprehensive analysis. The system validates the format and checks for cached results.

Step 3: Results & Intelligence

Receive comprehensive vulnerability intelligence including CVSS scores, exploitation status, threat actor attribution, affected systems, and mitigation strategies.

3. CVE Analysis Process

Our AI-powered analysis engine follows a sophisticated multi-step process to provide comprehensive vulnerability intelligence:

Cache Optimization

First, the system checks for enrichment data saved within the last 24 hours so that repeat requests get a faster response.

check_existing_enrichment(cve_id, max_age_hours=24)

AI Analysis Engine

If no cached data exists, the CVE Analysis Manager orchestrates comprehensive AI-powered analysis.

CVEAnalysisManager.analyze_cve(cve_id)

Multi-Source Integration

Data is gathered from CISA KEV, NVD, and threat intelligence feeds, then processed through AI agents.

sources: ['CISA_KEV', 'NVD', 'AI_Analysis']

Report Generation

Results are formatted into a comprehensive VulnerabilityReport and cached for future requests.

save_enrichment_data(cve, report, sources)
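
The flow in this section (validate the ID, check the 24-hour cache, analyze, save), as an added Python example that is not the platform's own code. The function names follow the ones shown on this page; their bodies, the `now` parameter, the in-memory `CACHE`, `normalize_cve_id`, `search` and the `analyze` callback are assumptions.

```python
import re
from datetime import datetime, timedelta, timezone

# "CVE-", 4-digit year, "-", 4+ digit sequence. [0-9] instead of \d so that
# non-ASCII Unicode digits are rejected.
CVE_ID_RE = re.compile(r"CVE-[0-9]{4}-[0-9]{4,}")

# Assumption: in-memory stand-in for the EnrichmentData cache.
# cve_id -> (saved_at, report, sources)
CACHE = {}


def normalize_cve_id(raw):
    """Return the canonical CVE ID or raise ValueError (the API's 400 case)."""
    if not isinstance(raw, str):
        raise ValueError("cve_id must be a string")
    candidate = raw.strip().upper()
    # fullmatch: nothing may precede or follow the ID.
    if not CVE_ID_RE.fullmatch(candidate):
        raise ValueError("invalid CVE format")
    return candidate


def check_existing_enrichment(cve_id, max_age_hours=24, now=None):
    """Return the cached report if saved within max_age_hours, else None."""
    now = now or datetime.now(timezone.utc)
    entry = CACHE.get(cve_id)
    if entry is None or now - entry[0] > timedelta(hours=max_age_hours):
        return None
    return entry[1]


def save_enrichment_data(cve_id, report, sources, now=None):
    CACHE[cve_id] = (now or datetime.now(timezone.utc), report, sources)


def search(raw_cve_id, analyze, now=None):
    """Validate, try the cache, else analyze and cache. Returns (report, cached)."""
    cve_id = normalize_cve_id(raw_cve_id)  # validate before any lookup or analysis
    report = check_existing_enrichment(cve_id, now=now)
    if report is not None:
        return report, True
    report = analyze(cve_id)  # hypothetical stand-in for CVEAnalysisManager.analyze_cve
    save_enrichment_data(cve_id, report, ["CISA_KEV", "NVD", "AI_Analysis"], now=now)
    return report, False
```

Normalizing before the cache lookup means `cve-2024-1234` and `CVE-2024-1234` share one cache entry, and malformed input never reaches the analysis step.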

4. Data Sources & Intelligence

Official Sources

  • CISA Known Exploited Vulnerabilities (KEV)
  • National Vulnerability Database (NVD)
  • CVE.org Official Records

Threat Intelligence

  • Open Source Intelligence (OSINT)
  • Threat Actor Attribution
  • Exploitation Campaign Data

AI Processing

  • Agentic Analysis Engine
  • Context Synthesis
  • Risk Assessment

5. Technical Architecture

Data Models

Core Models

  • UserProfile (access management)
  • Cve (vulnerability records)
  • EnrichmentData (analysis cache)
  • SearchHistory (usage tracking)

Analysis Components

  • CVEAnalysisManager
  • VulnerabilityReport
  • CVSSScores
  • CISAKEVDetails

API Endpoints

Public Endpoints

  • GET / (home page)
  • POST / (access request)
  • GET /login (authentication)

Protected Endpoints

  • GET /dashboard (main interface)
  • POST /dashboard/search (CVE analysis)
  • GET /staff/requests (admin only)

6. API Reference

CVE Search API

POST /dashboard/search/

Analyze a CVE and return comprehensive intelligence.

Request Body:

{
  "cve_id": "CVE-2024-1234"
}

Response:

{
  "success": true,
  "cve_id": "CVE-2024-1234",
  "result": {
    "severity": "HIGH",
    "cvss_score": "8.1",
    "description": "...",
    "exploitation_status": "Actively Exploited",
    "attack_methods": [...],
    "affected_systems": [...],
    "mitigations": [...],
    "intelligence_sources": [...],
    "last_updated": "2024-01-15 10:30:00 UTC"
  }
}

Error Handling

The API provides detailed error responses:

  • 400 - Invalid CVE format or missing data
  • 403 - Access denied or unapproved account
  • 500 - Analysis service temporarily unavailable

For additional support or questions, please contact your system administrator.