new: [user-manual] New section on correlations.

cedricbonhomme · cedricbonhomme · commit d5d1ad61886b · 2025-02-17T12:28:06.000+01:00
diff --git a/content/_index.md b/content/_index.md
@@ -5,7 +5,13 @@ toc: false
 
 ![Logo of Vulnerability-Lookup](/images/VL-hori-coul.jpg)
 
-Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources,
+The Vulnerability-Lookup software is a powerful sharing platform to assist
+security teams, researchers, and system administrators in identifying and
+tracking vulnerabilities related to specific vendors and products.
+By leveraging known vulnerability databases, sightings, and configurations, the software
+provides users with accurate and up-to-date insights into security risks.
+
+Vulnerability-Lookup facilitates quick [correlation](/user-manual/correlations) of vulnerabilities from various sources,
 independent of vulnerability IDs, and streamlines the management of
 Coordinated Vulnerability Disclosure (CVD).
 
@@ -26,17 +32,17 @@ feel free to create an account on the [the official instance](https://vulnerabil
 
 ## Features
 
+- **Track vulnerabilities** with your custom product watch lists and receive [email notifications](/user-manual/email-notification).
 - **API**: A comprehensive and fast lookup API for searching vulnerabilities and identifying correlations by vulnerability identifier.
 - **Feeders**: Modular system to import vulnerabilities from [different vulnerability sources](/sources).
 - **CVD process**: Creation, edition and fork/copy of Security Advisories with the [vulnogram editor](https://github.com/Vulnogram).
   Support of local vulnerability source per Vulnerability-Lookup instance.
-- **Sightings**: Users have the possibility to add observations to vulnerabilities with different types of sightings, such as:
+- **Sightings**: Users have the possibility to add [observations](/user-manual/sightings) to vulnerabilities with different types of sightings, such as:
   *seen*, *exploited*, *not exploited*, *confirmed*, *not confirmed*, *patched*, and *not patched*.
 - **Comments**: Ability to add, review and share comments on vulnerability advisories.
 - **Bundles**: Possibility to create bundles of vulnerability advisories with a description.
 - **RSS/Atom**: An extensive RSS and Atom support for vulnerabilities and comments.
 - **EPSS**: Integration of the Exploit Prediction Scoring System.
-- **Track vulnerabilities** effortlessly with product watch lists and email notifications.
 
 ## Funding
 
diff --git a/content/tools.md b/content/tools.md
@@ -26,7 +26,7 @@ A suite of sighting clients is already available to support this functionality:
 
 If you want to create your own sigthing tool, it's recommended to use [PyVulnerabilityLookup](https://github.com/vulnerability-lookup/PyVulnerabilityLookup), a Python library to access Vulnerability-Lookup via its REST API.
 
-More information related to the sightings can be found in the [documentation](https://www.vulnerability-lookup.org/documentation/sightings.html).
+More information related to the sightings can be found in the [user manual](/user-manual/sightings).
 
 ## Libraries to access the Vulnerability-Lookup API
 
diff --git a/content/user-manual/_index.md b/content/user-manual/_index.md
@@ -4,9 +4,10 @@ description: User Manual for vulnerability-lookup
 toc: true
 ---
 
-The Vulnerability Lookup software is a powerful tool designed to assist security teams, researchers, and system administrators in identifying and tracking vulnerabilities related to specific vendors and products. By leveraging known vulnerability databases and configurations, the software provides users with accurate and up-to-date insights into security risks.
+The Vulnerability-Lookup software is a powerful tool designed to assist security teams, researchers, and system administrators in identifying and tracking vulnerabilities related to specific vendors and products. By leveraging known vulnerability databases and configurations, the software provides users with accurate and up-to-date insights into security risks.
 
 # Index of Usage
 
+- [Correlations](./correlations)
 - [Email notification](./email-notification)
 - [Sightings](./sightings)
diff --git a/content/user-manual/correlations/index.md b/content/user-manual/correlations/index.md
@@ -0,0 +1,12 @@
+---
+title: "Correlations" 
+description: How to use correlations in Vulnerability-Lookup 
+toc: true
+---
+
+## Presentation
+
+
+Vulnerability-Lookup not only retrieves vulnerability information from various sources
+(such as NIST, PySec, and GitHub) but also connects related vulnerabilities, exploits,
+affected software, sightings, and other relevant metadata (Vulnrichment, CISA KEV).
diff --git a/content/user-manual/email-notification/index.md b/content/user-manual/email-notification/index.md
@@ -1,5 +1,5 @@
 ---
-title: "User Manual - Email Notification" 
+title: "Email Notification" 
 description: How to use the email notification in Vulnerability-Lookup 
 toc: true
 ---
@@ -15,7 +15,7 @@ Notifications come in both HTML and plain text, with CSV attachments detailing v
 
 The notification feature is accessible from your profile menu and available only to logged-in users.
 
-You can create multiple notifications, each consisting of a vendor and product definition. These definitions are derived from the known `vulnerable_configuration` and `known CPE` data of the vulnerability lookup instance. 
+You can create multiple notifications, each consisting of a vendor and product definition. These definitions are derived from the known `vulnerable_configuration` and `known CPE` data of the Vulnerability-Lookup instance. 
 
 Additionally, you can specify the notification frequency, choosing between `hourly`, `daily`, or `weekly`.
 
diff --git a/content/user-manual/sightings/index.md b/content/user-manual/sightings/index.md
@@ -1,5 +1,5 @@
 ---
-title: "User Manual - Sightings" 
+title: "Sightings" 
 description: How to use sightings in Vulnerability-Lookup 
 toc: true
 ---
@@ -49,7 +49,7 @@ To track vulnerabilities from data found on the Fediverse, you can use [`FediVul
 
 [`MISPSight`](https://github.com/vulnerability-lookup/MISPSight) is a client that retrieves vulnerability observations from a [`MISP`](https://github.com/MISP/MISP) server and pushes them to a Vulnerability-Lookup instance.
 
-[`NucleiVuln`](https://github.com/cedricbonhomme/NucleiVuln) is a client designed to monitor and retrieve vulnerability-related information from the [`Nuclei Git repository of templates`](https://github.com/projectdiscovery/nuclei-templates). Templates form the core of the Nuclei scanner. When a template is linked to a vulnerability, the resulting detection (observation) is classified as *confirmed*, signifying a higher level of certainty compared to the *seen* classification.
+[`NucleiVuln`](https://github.com/vulnerability-lookup/NucleiVuln) is a client designed to monitor and retrieve vulnerability-related information from the [`Nuclei Git repository of templates`](https://github.com/projectdiscovery/nuclei-templates). Templates form the core of the Nuclei scanner. When a template is linked to a vulnerability, the resulting detection (observation) is classified as *confirmed*, signifying a higher level of certainty compared to the *seen* classification.
 
 Our tools on the Python Package Index (PyPI):
 
