Dataset
Cyber intelligence sample set
Synthetic KEV-shaped exploited vulnerabilities, NVD-shaped CVE severity records, CISA-advisory-shaped items, and ransomware leak-site-shaped victim claims, used by the cyber intelligence dashboard prototype. Structure is production-shaped; every record is invented and labeled SAMPLE.
Files
Schema and provenance
Generated synthetically (seeded, reproducible) for the dashboard prototype. KEV rows follow the CISA catalog schema; CVE rows follow the NVD 2.0 metrics schema; ransomware rows follow community leak-site aggregator conventions. No record describes a real vulnerability, breach, or victim. The season time series accumulates as the ETL runs; its checksum is intentionally omitted because the file grows daily by design (unlike static datasets, it is not immutable).
The published file is the accumulating season time series
(timeseries.csv): one row per snapshot date with kev_total,
kev_added_today, nvd_critical_high, ransomware_victims,
exploited_criticals, and advisories. Full daily snapshots (the complete
KEV/NVD/advisory/ransomware records and their correlations) live under
data/snapshots/{date}.json in the dashboard bundle and are downloadable
per-day from the dashboard itself via the date selector.
Because the time series grows with every ETL run it is deliberately excluded
from verify:datasets — checksums are for immutable files, and this one is
append-by-design. The immutable artifacts here are the per-day snapshots.
Changelog
- v1.0.0 Initial sample release for the cyber intelligence dashboard.
Produced for the investigation cyber-intelligence.