
Le catalogue CVE global n’est utile que s’il devient local : périmètres, CPE, findings, statuts, export et suivi de remédiation.

Un catalogue CVE incomplet fausse les métriques, les timelines et les décisions patch. Voici pourquoi le backfill NVD est une fondation de sécurité, pas une tâche technique secondaire.

A practical engineering guide to building indicator of compromise (IOC) pipelines—ingestion, normalization, deduplication, enrichment, scoring, distribution, and feedback—to turn raw threat feeds into operational defense.

A complete guide to open source intelligence (OSINT) for security operations—tools, techniques, workflows, and legal considerations for collecting, analyzing, and operationalizing open threat data in a modern SOC.

A complete guide to the three levels of threat intelligence—strategic, operational, and tactical—with practical examples of consumers, outputs, feeds, and how to connect them into a coherent CTI program.

A practical guide to the CVE ecosystem, CVSS scoring, exploitability signals, and how security teams prioritize vulnerabilities without drowning in scanner noise.