Knowledge graph stats

Name: SQUR cs-graph
Creator: Adam Lundqvist

Live counts from the cs-graph Firestore. Updated hourly via ISR.

Nodes

41,456

across 14 entity types

Live edges

56,321

80% from primary sources

Frameworks

13

DORA · NIS2 · GDPR · ISO27001 · NIST_CSF · CIS_v8 · OWASP_TOP10 · OWASP_LLM_TOP10 · OWASP_API_TOP10 · PCI_DSS_v4 · ISO27701 · TIBER_EU · CRA

Vertex spend

€100.84 / €300

33.6% of the €300 trial credit

Nodes by type

Vulnerability (CVE)

31,200

MITRE Software

3,697

Threat Actor

2,004

Breach

978

Weakness (CWE)

970

Living-off-the-land Binary

712

Technique + SubTechnique

639

Attack Pattern (CAPEC)

615

Defensive Technique (D3FEND)

271

MITRE Group

157

Data Component

109

Mitigation

43

Data Source

38

Campaign

23

Edge confidence· 56,321 live · 3,305 candidate

uses

315

defends_against

6,772

relates_to

1,823

exploits

1,212

compliance_tests_technique

1,922

compliance_requires_mitigation

795

compliance_addresses_weakness

875

Legacy MITRE STIX edges not yet migrated to the typed schema: 45,281 (Phase F1 backfill).

Compliance framework depth· 14 frameworks · 127 mapped controls

DORA14

Digital Operational Resilience Act

mean confidence 80%

ISO2700114

ISO/IEC 27001:2022

mean confidence 81%

PCI_DSS_v412

PCI DSS v4.0

mean confidence 79%

CIS_v811

CIS Controls v8

mean confidence 81%

NIS210

Network and Information Security Directive 2

mean confidence 77%

OWASP_API_TOP1010

OWASP API Top 10 2023

mean confidence 79%

OWASP_LLM_TOP1010

OWASP LLM Top 10 2025

mean confidence 77%

OWASP_TOP1010

OWASP Top 10 2021

mean confidence 84%

ISO277018

ISO/IEC 27701

mean confidence 78%

AI_ACT7

EU AI Act

mean confidence 83%

GDPR6

General Data Protection Regulation

mean confidence 84%

NIST_CSF6

NIST Cybersecurity Framework 2.0

mean confidence 85%

CRA5

EU Cyber Resilience Act

mean confidence 0%

TIBER_EU4

TIBER-EU

mean confidence 75%

Source freshness

Source	Last fetched	SLA	Status
MITRE ATT&CK STIX	—	weekly	pending wiring
MITRE CWE	—	quarterly	pending wiring
CISA KEV	4 days ago	weekly	within SLA
NVD year feeds	today	monthly	within SLA
FIRST.org EPSS	today	daily	within SLA
MISP-Galaxy	today	monthly	within SLA
GitHub Security Advisories	today	daily	within SLA
HIBP	—	weekly	pending wiring
MITRE CAPEC	—	quarterly	pending wiring
MITRE ATLAS	—	quarterly	pending wiring
MITRE D3FEND	—	quarterly	pending wiring
LOLBAS	—	monthly	pending wiring
GTFOBins	—	monthly	pending wiring
EUR-Lex / NIST / OWASP / CIS / ISO seeds	today	release-driven	pending wiring

Freshness wiring lands in F-series follow-up — import scripts will write to graph_stats/freshness on each run.

SEO — Google Indexing API publisher

An hourly Cloud Run Job (google-indexing-publisher) reads the nodes updated in the last ~70 min and pushes their canonical kb.squr.ai/kb/{type}/{slug} URLs to Google's indexing.googleapis.com/v3/urlNotifications:publish — reducing the default 1–14d crawl latency to <1h. Direct lever on AI-Overviews / Perplexity citation share for new and changed entries. See methodology for the underlying mechanic.

Posture

Dry-run

Composes URLs without publishing (pre-DNS)

Runs (24h)

24

168 over 7d

URLs proposed (24h)

0

0 over 7d

Errors (24h)

0

(no API calls in dry-run)

Recent runs (latest first)

Started	Mode	Candidates	Published	Errors
2026-06-19 22:17	dry-run	0	0	0
2026-06-19 21:17	dry-run	0	0	0
2026-06-19 20:17	dry-run	0	0	0
2026-06-19 19:17	dry-run	0	0	0
2026-06-19 18:17	dry-run	0	0	0
2026-06-19 17:17	dry-run	0	0	0
2026-06-19 16:17	dry-run	0	0	0
2026-06-19 15:17	dry-run	0	0	0
2026-06-19 14:17	dry-run	0	0	0
2026-06-19 13:17	dry-run	0	0	0

Currently in dry-run mode because kb.squr.ai DNS isn't wired yet (operator: verify sc-domain:squr.ai in Google Search Console, add indexing-api-publisher-sa@squr-aios-tooling.iam as Verified Owner, then flip INDEXING_ENABLED=true via one gcloud run jobs update).

Vertex spend

Cumulative € spent

€100.84

of €300 trial credit · 3,605 grounded calls

Breakdown

Quality-eval (nightly)	€72.74
Corroborate (nightly)	€28.10

Live per-job spend from the cost_ledger the nightly Vertex jobs write (updated 2026-06-19).

Sourced from MITRE ATT&CK Enterprise (current release), MITRE CWE, MITRE CAPEC, MITRE ATLAS, MITRE D3FEND, CISA Known Exploited Vulnerabilities, NIST National Vulnerability Database, FIRST.org EPSS, MISP-Galaxy Threat Actor cluster (CC-0), Have I Been Pwned, LOLBAS Project, GTFOBins, OWASP, CIS Center for Internet Security, NIST Cybersecurity Framework, EUR-Lex (DORA / NIS2 / GDPR / CRA / AI Act), ECB TIBER-EU, ISO 27001:2022 / ISO 27701, PCI Security Standards Council. Mega-mapped via Google Vertex Gemini 2.5 Flash + grounded-search verification. Authored by Adam Lundqvist, Founder at SQUR.