Modify 7,8,9 Menus

menu/6_self-check.md

@@ -11,10 +11,10 @@ In Self-Check, you can easily check information such as licenses and vulnerabili
 ## Information that can be checked through Self-Check
 
 You can check the information below by creating a Self-Check Project and entering the OSS to be reviewed.
-- OSS detailed information : Registered Version, License by Version, Copyright, Homepage, Download Location, etc.
-- License details : Type of license, obligations, restrictions, full license, etc.
-- User Guide : Precautions when using the relevant OSS, etc.
-- Vulnerability : Security vulnerability information provided by NVD (National Vulnerability Database)
+- **OSS Detailed Information**: Registered version, license by version, copyright, homepage, download location, etc.
+- **License Detailed Information**: Type of license, obligations, restrictions, full text of the license, etc.
+- **User Guide**: Precautions when using the OSS, etc.
+- **Vulnerability**: Security vulnerability information provided by NVD (National Vulnerability Database)
 
 ## Verification procedure through Self-Check
 Self-Check can be done through the following procedure.
@@ -23,37 +23,52 @@ Self-Check can be done through the following procedure.
 1. Click the Add button at the top right of the Self-Check List.
 2. Enter the relevant information and click Save.
 3. You can check the newly created Self-Check Project in the Self-Check List, and double-click the list to check the details.
+<br>
 
 ### 2. OSS information input
-1. Enter OSS information on OSS Table
-    - Click the + button to add a row, enter the OSS you want to check, and save.
-2. Load OSS information from FOSSLight Report file
-    1. Upload the FOSSLight Report containing the OSS list in the Upload Analysis Result column.
-        - Uploadable FOSSLight Report form can be downloaded by clicking the Export button.
-    2. Select the sheet to load and click OK.  
-    ![select_sheet](images/6_self_select_sheet.png)
-    3. Click the Save button.
+#### Enter OSS information on OSS Table
+Click the + button to add a row, enter the OSS you want to check, and save.
+#### Load OSS information from FOSSLight Report file
+- Upload the FOSSLight Report containing the OSS list in the Upload Analysis Result column.     Uploadable FOSSLight Report form can be downloaded by clicking the Export button.
+    ![selfcheck_add_oss_1](images/6_self_check_add_oss_1.PNG)
+- Select the sheet to load and click OK.  
+    ![selfcheck_add_oss_2](images/6_self_check_add_oss_2.PNG)
+- Click the Save button(<img src="images/save_button.PNG" width="20" height="20" />).
 
+
+#### (LGE Only) Load the FOSSLight Scanner Service analysis results by entering the URL.
+**FOSSLight Hub's Self-check is integrated with [FOSSLight Scanner Service](http://fs.lge.com/).**
+- Create a Self-check project.
+- Select URL and enter the source link to be analyzed (a link that can be downloaded using wget or git clone) and click Send button.
+    ![selfcheck_add_oss_3](images/6_self_check_add_oss_3.PNG)
+
+- You can confirm that the project has been created on [FOSSLight Scanner Service](http://fs.lge.com/).
+    ![selfcheck_fs_list](images/6_self_check_fs_list.png)
+
+<br>
+
 ### 3. Check OSS and License information
-![oss_table](images/6_self_oss_table.png)
+![oss_table](images/6_self_check_oss_table.PNG)
 #### Warning Messages
-- Unconfirmed open source : Displayed when the same OSS Name is not registered in FOSSLight Hub.
-- Unconfirmed version : Displayed when there is the same OSS Name in FOSSLight Hub, but the same version is not registered.
-- This field is required : Displayed when license information is not entered. (Not required for Self-Check.)
-- Non-included license : Displayed when the same OSS Name and OSS Version are registered in FOSSLight Hub, but different from the existing registered license.
+
+| Message                 | Meaning |
+|-------------------------|-----|
+| Unconfirmed open source | Displayed when the same OSS Name is not registered in FOSSLight Hub. | 
+| Unconfirmed version | Displayed when the same OSS Name is registered in FOSSLight Hub, but the same version is not registered. |
+| This field is required | Displayed when the License information is not entered.     <br>(This is not a mandatory field in Self-Check.) | 
+| Non-included license | Displayed when the same OSS Name and OSS Version are registered in FOSSLight Hub, but the registered License is different. |
 
 #### OSS and License information
-If you click the icon in the column below, detailed information of registered OSS, detailed information about the license, and guide for the corresponding license are provided.
-However, even for registered OSS, User Guide may not be provided.
-- OSS Detail : Detailed information such as multiple versions of registered OSS, each license, and copyright are provided in a pop-up window.
-- License Detail : Detailed information of the license used by the relevant OSS and license text are provided in a pop-up window.
-- User Guide : Links to information that can be referenced when using the license are provided.
+Clicking the icon in the column below provides detailed information about the registered OSS, detailed information about the License, and a guide for the License. However, even for registered OSS, a User Guide may not be provided.
+- **OSS Detail**: Detailed information such as various versions of the registered OSS, each License, and Copyright is provided in a popup window.
+- **License Detail**: Detailed information about the License used by the OSS and the License Text are provided in a popup window.
+- **User Guide**: Links to information that can be referenced when using the License are provided.
 
 #### Obligations/restrictions according to the use of OSS
-❕ Details can be checked in the License List.
-- Obligation > Notify icon : indicates that you are obligated to notify copyright or license (or both).
-- Obligation > Source icon : It means you are obligated to disclose the source code.
-- Restriction icon : It means that there are restrictions on using the OSS.  
+❕ Details can be checked in the [**License List**](2_license.md).
+- **Obligation > Notify icon**(<img src="images/6_self_check_notice_icon.PNG" width="20" height="20" />): You are obligated to notify copyright or license (or both).
+- **Obligation > Source icon**(<img src="images/6_self_check_src_icon.PNG" width="20" height="20" />): You are obligated to disclose the source code.
+- **Restriction icon**: there are restrictions on using the OSS.  
 (E.g., restrictions on modification, restrictions on commercial use, etc.)
 
 ### 4. Vulnerability information check
@@ -62,16 +77,17 @@ However, even for registered OSS, User Guide may not be provided.
 - Confirmation with an export file (.xlsx) : An Excel file containing a list of all described OSS and vulnerability information is downloaded.
 - Detailed information related to Vulnerability can be found in [Vulnerability](7_vulnerability.md).
 ```
-1. Check in FOSSLight Hub UI
-![self_pop](images/6_self_pop.png)
+
+#### 1. Check in FOSSLight Hub UI
+![self_pop](images/6_self_check_vul.PNG)
 When you click the Vulnerability icon, the vulnerability information of the corresponding OSS Name and OSS Version is provided in a pop-up window.
 
-2. Confirm with export file
-    - Self-Check Sheet
-    ![self_check_sheet](images/6_self_sheet1.png)
+#### 2. Confirm with export file
+- **Self-Check Sheet**
+    ![self_check_sheet](images/6_self_sheet1.png)   
     The OSS list entered by the user is described in accordance with the FOSSLight Report form.  
     The information in this tab can be used later in Identification of [Project](4_project.md).
-    - Vulnerability Sheet
-    ![self_check_sheet2](images/6_self_sheet2.png)
+- **Vulnerability Sheet**
+    ![self_check_sheet2](images/6_self_sheet2.png)  
     The entered version and higher version information of the OSS where vulnerability information was found are described.  
-    At this time, if you click the Vulnerability Link, you can check the CVE-ID of the corresponding OSS Name and OSS Version. 
+    At this time, by clicking the Vulnerability Link, you can check the CVE-ID of the OSS Name and OSS Version. 

menu/7_vulnerability.md

@@ -8,47 +8,51 @@ You can check the vulnerabilities in Open Source and related information (CVE ID
 ```
 
 ## Vulnerability List
-![VulList](images/7_vul_list.png)
-You can check and search information on the highest vulnerability by version of Open Source provided in NVD Data Feeds of NVD (NATIONAL VULNERABILITY DATABASE).
-1. You can search by setting the search conditions (OSS Name, OSS Version, CVE ID).
-    - OSS Name and OSS Version are irrelevant to the OSS registered in the OSS List, and mean NVD Data Feeds Product Name and Version.
-    - When searching after checking exact match, only results that match the search term in the OSS Name field are searched.
-    - In the case of CVE ID, only exact match results are searched.
-2. Search Results
-    - When clicking the OSS Name link : All CVE results searched for each version of the OSS name and nickname of the row are displayed in a pop-up.
-        - Exact match search result for OSS Name, nickname, and version.
-        - However, if version : -, all versions are retrieved.
-    - When clicking the Nickname link : All CVE results of the corresponding version searched only by nickname are displayed in a popup.
-        - Search results for exact matches for nickname and version.
-        - However, if version : -, all versions are retrieved.
-    - Max CVSS Score : The highest Critical Level for each version of OSS is displayed.
-        - Critical : CVSS Score 9.0 ~ 10.0
-        - High : CVSS Score 7.0 ~ 8.9
-        - Medium : CVSS Score 4.0 ~ 6.9
-        - Low : CVSS Score 0.1 ~ 3.9
+![VulList](images/7_vul_list_main.PNG)
+You can check and search for the highest security vulnerabilities by version of open source provided in the NVD Data Feeds from the **[NVD(National Vulnerability Database)](https://nvd.nist.gov/)**.
+
+### 1. Search Conditions
+You can set **OSS Name, OSS Version, CVE ID, etc.,** to perform a search.
+- OSS Name and OSS Version are not related to the OSS registered in the OSS List; they refer to the NVD Data Feeds Product Name and Version.
+- When you check 'the Exact match' option and perform a search, only results that exactly match the search term in the OSS Name field will be displayed.
+- For CVE ID, only results that exactly match will be displayed.
+
+### 2. Search Results
+- **When clicking the OSS Name link**: All CVE results for the specific version of the OSS Name and nickname in that row will be displayed in a popup.
+    - Exact match search results for OSS Name, nickname, and version.
+    - However, if the version is '-', all versions will be displayed.
+- **When clicking the Nickname link**: All CVE results for the specific version queried by nickname will be displayed in a popup.
+    - Exact match search results for nickname and version.
+    - However, if the version is '-', all versions will be displayed.
+- **Max CVSS Score**: The highest critical level for each version of the OSS is displayed.
+
+    |Critical Level|Critical Score|
+    |:---:|:---:|
+    |Critical    |9.0 ~ 10.0|
+    |High        |7.0 ~ 8.9 |
+    |Medium      |4.0 ~ 6.9 |
+    |Low         |0.1 ~ 3.9 |
 
 ## Vulnerability details
 ### Detailed information popup
-![VulPopUp](images/7_vul_popup.png)
-- Click the Vulnerability Icon on the [Project](4_project.md)> Identification or [Self-Check](6_self-check.md) screen.
-- After searching in Vulnerability List, click the link of OSS Name or Nickname.
+After searching in the Vulnerability List, click the link for OSS Name or Nickname.
+![VulPopUp](images/7_vul_popup_detail.PNG)
 
 ### Vulnerability information export
-Click the Export button in [Self-Check](6_self-check.md).
-![VulExport](images/7_vul_export.png)
-- OSS Name : OSS Name written on the OSS Table
-- Nick Name : When Vulnerability is searched with the nickname of the OSS written in the OSS table, the matched nickname is displayed. (If no nickname is matched, it is marked as -)
-- OSS Version : Vulnerability searched version
-    - If the OSS version is blank, information about all versions that exist in Vulnerability will be displayed.
-    - If the OSS Version is set, the lower version of the corresponding version is not included in the CSV. (All upper versions are included)
-- Max Score : Vulnerability Max Score for the relevant OSS, Version
-- Vulnerability Link : A pop-up link to check the Vulnerability list inquired by the corresponding OSS Name and OSS Version
-
-## Collect & notify Vulnerability
-### Vulnerability information collection
-- Vulnerability information is downloaded daily from [NVD Data Feed](https://nvd.nist.gov/vuln/data-feeds) and stored in FOSSLight Hub.
-- FOSSLight Hub's Vulnerability Score is basically based on the CVSS v3 Base Score, and if there is no v3 Score, it is displayed instead of the CVSS v2 Base Score.
+- You can check the Max Score for each version of the OSS Version and subsequent versions corresponding to the OSS entered by the user.
+- By clicking the Vulnerability link, you can view the detailed information popup.
+- After viewing the Vulnerability information, you can click the Export button on the left to download it as an Excel file.
+![VulExport](images/7_vul_export_list_2.png)
 
-### Vulnerability information notification
-When a Vulnerability Score of 9.0 or higher is registered for the first time, or the Vulnerability Score is changed from 9.0 or higher to less than 9.0, a notification email will be sent.
-- If the OSS that satisfies the above conditions is included in the BOM in the project whose identification is confirmed, the change of the Vulnerability Score will be sent to the creator, watcher, and reviewer of the project.
+#### Vulnerability information export
+![VulExport](images/7_vul_export_excel.PNG)
+- **OSS Name**: OSS Name written in the OSS table
+- **OSS Version**: Version in which the vulnerability was found
+    - If the OSS version is blank, information for all versions present in the vulnerability will be displayed.
+    - If the OSS Version is set, lower versions of that version will not be included in the CSV (all higher versions will be included).
+- **CVE ID**: Security vulnerability information ID provided by NVD(National Vulnerability Database)
+- **CVSS Score**: **The Max Score** for the vulnerability of the corresponding OSS and version
+- **Description**: Description information of the corresponding OSS
+- **Published Date**: The date the security vulnerability was published by NVD
+- **Last Revised**: The date the information on the security vulnerability was last revised by NVD
+- **Vendor**: OSS Vendor(an item to distinguish the vendor of the OSS when the OSS Name is the same)

menu/9_system.md

@@ -8,28 +8,29 @@ published: true
 ```
 
 ## Code Management
-![config](images/9_system_code.png)
+![config](images/9_system_code.PNG)
 - Set the setting value to be loaded during system operation.
 
 ## User Management
-![config](images/9_system_user.png)
-Check the list of registered accounts and correct the information.
-- Create button : Creates a Token to be used in [Rest API](../advanced/2_rest_api.md).
-- Reset button : Resets the password to the same ID as the ID.
-- Use YN : Set up dormant account.
-- Admin : Admin authority is granted.
+![config](images/9_system_user.PNG)
+Check the list of registered accounts and update the information.
+- **Create button** : Creates a Token to be used in [Rest API](../advanced/2_rest_api.md).
+- **Reset button** : Resets the password to the same ID as the ID.
+- **Use YN** : Set up dormant account.
+- **0Admin** : Admin authority is granted.
 
 ## History List
-![config](images/9_system_history.png)
+![config](images/9_system_history.PNG)
 Check the data changes in the DB.
 
 ## Notification
-Manage notification pop-ups to be displayed when accessing the system.
-### ![config](images/9_system_noti_list.png)
-Check and modify the list of registered notices.
+Manage the notification pop-up displayed when accessing the system.
+### ![config](images/9_system_noti_list.PNG)
+Check and edit the list of previously registered notifications.
 
-### ![config](images/9_system_noti_add.png)
-Click the + button at the bottom left of the list to add a notice.
+### ![config](images/9_system_noti_add.PNG)
+
+Click the '+' button at the bottom left of the list to add a notice.
 - Start Date : Notification start date
 - End Date : Notification end date
 - Publish : If checked, a notification pop-up is displayed.
@@ -43,18 +44,16 @@ Check the mail delivery history.
 Check for Vulnerability Data changes.
 
 
-## Configuration
-```note
-(Admin Only) Change the setting values ​​for FOSSLight Hub.
-```
-![config](images/8-3_configuration.png)
-
+## Server Setting
+![config](images/9_system_server.PNG)
 ### Authentication using LDAP
-FOSSLight Hub uses JNDI to support user password authentication using LDAP in an environment where LDAP such as Active Directory can be used.
-- Provider Url : Set the LDAP server information in the format ldap://<AD_SERVER_IP>:<LDAP_PORT>. (javax.naming.Context.PROVIDER_URL)
+FOSSLight Hub supports user password authentication using LDAP in environments where LDAP, such as Active Directory, can be used via JNDI.
+- Provider Url: Set the LDAP server information in the format ldap://<AD_SERVER_IP>:<LDAP_PORT>. (javax.naming.Context.PROVIDER_URL)
 
-### SMTP Setting
+### Notice Setting
+- Notice Type: Set the format of the OSS notice that can be issued.
 
+### SMTP Setting
 - Mail Server : SMTP Host (e.g. smtp.gmail.com)
 - Email Address : Sender email address (e.g. no-reply@fosslight.org)
 - Port : SMTP Port number (e.g. 25 or 587)
@@ -64,6 +63,3 @@ FOSSLight Hub uses JNDI to support user password authentication using LDAP in an
 
 ### Workspace Path Setting
 - Root Path : Top workspace path of upload/download file storage
-
-### Notice Setting
-- Notice Type : Set the type of OSS notice that can be issued.