Quick Start

Get up and running with CSE in less than 5 minutes. This guide covers the fastest ways to explore and integrate CSE signals into your workflow.

No installation required. CSE is a data specification and registry. You can start using it immediately through the web interface, raw GitHub URLs, or the API.

Step 1: Browse the Registry

The fastest way to explore CSE is through the web-based registry browser. You can search, filter, and view detailed information about any signal.

From the registry, you can:

  • Filter signals by domain (HIPAA, SOC 2, ISO 27001, etc.)
  • Search by signal ID, title, or description
  • View complete signal definitions including detection artifacts
  • See framework control mappings for each signal
  • Copy signal IDs for use in your tools

Step 2: Access Raw Data via GitHub

All CSE data is stored as JSON files in our public GitHub repository. You can fetch signal definitions, mappings, and schemas directly using raw GitHub URLs.

Repository Structure

cse-registry/
├── signals/
│   ├── CMMC/           # CMMC domain signals
│   │   ├── ACCESS/     # Category subdirectory
│   │   │   └── CSE-CMMC-ACCESS-MFA-001/
│   │   │       └── signal.json
│   │   └── ...
│   ├── HIPAA/          # HIPAA domain signals
│   ├── SOC2/           # SOC 2 domain signals
│   └── ...
├── mappings/           # Control framework mappings
├── schemas/            # JSON validation schemas
└── registry.json       # Complete registry manifest

Fetching Signals

Retrieve a specific signal definition using its path:

# Fetch a specific signal
curl https://raw.githubusercontent.com/cse-registry/cse-registry/main/signals/HIPAA/TECH/CSE-HIPAA-TECH-ENCRYPT-REST-001/signal.json

# Response
{
  "id": "CSE-HIPAA-TECH-ENCRYPT-REST-001",
  "domain": "HIPAA",
  "category": "TECH",
  "title": "Data at Rest Encryption Not Enabled",
  "description": "Storage resource does not have encryption at rest enabled...",
  "severity": "high",
  "version": "1.0.0"
}

Fetching the Complete Registry

Download the complete registry manifest to get an index of all signals:

# Fetch registry manifest
curl https://raw.githubusercontent.com/cse-registry/cse-registry/main/registry.json

# Response includes metadata and signal index
{
  "version": "1.0.0",
  "generated": "2024-12-28T00:00:00Z",
  "stats": {
    "total_signals": 1132,
    "domains": 12,
    "mappings": 1308
  },
  "signals": [...]
}

Fetching Mappings

Retrieve control framework mappings for a signal:

# Fetch mappings for a signal
curl https://raw.githubusercontent.com/cse-registry/cse-registry/main/mappings/CSE-HIPAA-TECH-ENCRYPT-REST-001.json

# Response
{
  "signal_id": "CSE-HIPAA-TECH-ENCRYPT-REST-001",
  "mappings": [
    {
      "framework": "HIPAA",
      "control": "§164.312(a)(2)(iv)",
      "description": "Encryption and decryption"
    },
    {
      "framework": "NIST-CSF",
      "control": "PR.DS-1",
      "description": "Data-at-rest is protected"
    }
  ]
}
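The raw URLs above follow the repository layout, so a client can derive them from a signal ID and check that the document it gets back is the one it asked for. The sketch below is an added example, not code from the CSE project: the ID grammar is an assumption inferred from the two IDs shown on this page, the function names are hypothetical, and `ref` accepts either `main` or a 40-character commit SHA so a consumer can pin to an immutable revision.

```python
import re

RAW_BASE = "https://raw.githubusercontent.com/cse-registry/cse-registry"
# Assumed ID grammar, inferred from the two IDs shown on this page:
# CSE-<DOMAIN>-<CATEGORY>-<NAME>[-<NAME>...]-<NNN>
SIGNAL_ID = re.compile(r"CSE-([A-Z0-9]+)-([A-Z0-9]+)(?:-[A-Z0-9]+)+-\d{3}")
REF = re.compile(r"main|[0-9a-f]{40}")  # branch from this page, or a pinned commit SHA

# The signal.json response shown above, used as offline sample input.
SAMPLE_SIGNAL = {
    "id": "CSE-HIPAA-TECH-ENCRYPT-REST-001", "domain": "HIPAA", "category": "TECH",
    "title": "Data at Rest Encryption Not Enabled", "severity": "high", "version": "1.0.0",
}


def parse_signal_id(signal_id):
    """Return (domain, category); raise ValueError on anything that is not an ID."""
    m = SIGNAL_ID.fullmatch(signal_id)
    if not m:
        raise ValueError(f"not a CSE signal ID: {signal_id!r}")
    return m.group(1), m.group(2)


def _base(ref):
    if not REF.fullmatch(ref):
        raise ValueError(f"unexpected ref: {ref!r}")
    return f"{RAW_BASE}/{ref}"


def signal_url(signal_id, ref="main"):
    domain, category = parse_signal_id(signal_id)
    return f"{_base(ref)}/signals/{domain}/{category}/{signal_id}/signal.json"


def mappings_url(signal_id, ref="main"):
    parse_signal_id(signal_id)  # validate before the ID is placed in a URL
    return f"{_base(ref)}/mappings/{signal_id}.json"


def check_signal(doc, signal_id):
    """Return a list of problems; an empty list means doc matches the requested ID."""
    domain, category = parse_signal_id(signal_id)
    problems = []
    for key, want in (("id", signal_id), ("domain", domain), ("category", category)):
        if doc.get(key) != want:
            problems.append(f"{key}: expected {want!r}, got {doc.get(key)!r}")
    for key in ("title", "severity", "version"):
        if not isinstance(doc.get(key), str) or not doc[key]:
            problems.append(f"{key}: missing or not a string")
    return problems
```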

Step 3: Use the API

Coming Soon: The CSE API will provide programmatic access to the registry with advanced search, filtering, and bulk operations. API access will require free registration.

While the API is being finalized, you can use the raw GitHub URLs above for programmatic access. Once available, the API will offer:

  • RESTful endpoints for signals, mappings, and domains
  • Full-text search across signal titles and descriptions
  • Filtering by domain, category, severity, and tags
  • Bulk retrieval endpoints for efficient data sync
  • Webhook notifications for registry updates

Preview the API structure on our API Reference page.

Step 4: Integrate with Your Tools

CSE is designed to be integrated into security tools, compliance platforms, and CI/CD pipelines. Here are common integration patterns:

Emitting CSE Signals from a Scanner

If you're building or extending a security scanner, you can emit findings that reference CSE signals:

{
  "finding_id": "f-12345",
  "signal_id": "CSE-HIPAA-TECH-ENCRYPT-REST-001",
  "observed_at": "2024-12-28T10:30:00Z",
  "artifact": {
    "type": "cloud_resource",
    "provider": "aws",
    "service": "s3",
    "resource_id": "arn:aws:s3:::my-bucket"
  },
  "evidence": {
    "encryption_enabled": false,
    "bucket_name": "my-bucket"
  }
}

Consuming CSE Signals in a GRC Platform

Import CSE signal definitions to automatically map findings to framework controls:

import requests

BASE = "https://raw.githubusercontent.com/cse-registry/cse-registry/main/"


def fetch_json(path):
    # Time out instead of hanging, and raise on 404/5xx
    # instead of trying to parse an error page as JSON
    resp = requests.get(BASE + path, timeout=10)
    resp.raise_for_status()
    return resp.json()


# Fetch signal definition
signal = fetch_json("signals/HIPAA/TECH/CSE-HIPAA-TECH-ENCRYPT-REST-001/signal.json")

# Fetch mappings
mappings = fetch_json("mappings/CSE-HIPAA-TECH-ENCRYPT-REST-001.json")

# Now you have the signal definition and all framework mappings
# to correlate with your internal compliance tracking
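Once findings and mappings are loaded, the correlation itself is a join on `signal_id`. The following added example (not code from the CSE project) rolls findings up to the framework controls they affect and keeps findings whose signal has no mapping in a separate list instead of dropping them. The sample data is constructed in the shapes shown on this page, and `CSE-EXAMPLE-UNKNOWN-001` and the `rollup` function are hypothetical.

```python
from collections import defaultdict

# Constructed sample data in the finding and mapping shapes shown on this page.
MAPPINGS = {
    "CSE-HIPAA-TECH-ENCRYPT-REST-001": {
        "signal_id": "CSE-HIPAA-TECH-ENCRYPT-REST-001",
        "mappings": [
            {"framework": "HIPAA", "control": "§164.312(a)(2)(iv)"},
            {"framework": "NIST-CSF", "control": "PR.DS-1"},
        ],
    }
}
FINDINGS = [
    {"finding_id": "f-12345", "signal_id": "CSE-HIPAA-TECH-ENCRYPT-REST-001",
     "artifact": {"resource_id": "arn:aws:s3:::my-bucket"}},
    {"finding_id": "f-12346", "signal_id": "CSE-HIPAA-TECH-ENCRYPT-REST-001",
     "artifact": {"resource_id": "arn:aws:s3:::other-bucket"}},
    # Hypothetical ID that is absent from the mappings, to show the unmapped path.
    {"finding_id": "f-12347", "signal_id": "CSE-EXAMPLE-UNKNOWN-001",
     "artifact": {"resource_id": "arn:aws:s3:::my-bucket"}},
]


def rollup(findings, mappings_by_signal):
    """Return ({(framework, control): [resource_id, ...]}, [unmapped finding_id, ...])."""
    by_control = defaultdict(set)
    unmapped = []
    for finding in findings:
        entry = mappings_by_signal.get(finding.get("signal_id"))
        if not entry or not entry.get("mappings"):
            # Surface the gap: an unmapped finding must not vanish from reporting.
            unmapped.append(finding.get("finding_id"))
            continue
        resource = finding["artifact"]["resource_id"]
        for mapping in entry["mappings"]:
            by_control[(mapping["framework"], mapping["control"])].add(resource)
    return {key: sorted(res) for key, res in by_control.items()}, unmapped


if __name__ == "__main__":
    controls, unmapped = rollup(FINDINGS, MAPPINGS)
    for (framework, control), resources in sorted(controls.items()):
        print(f"{framework} {control}: {len(resources)} affected resource(s)")
    print("unmapped findings:", unmapped)
```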

CI/CD Pipeline Integration

Reference CSE signals in your pipeline configuration to standardize security gate criteria:

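# .github/workflows/security.yml
- name: Security Scan
  run: scanner run --output cse-format

- name: Check Critical Signals
  run: |
    # Fail if any high-severity CSE signals detected.
    # Plain jq exits 0 whether or not anything matched; with -e the exit
    # status follows the result: 0 = true, 1 = false, other = jq error.
    status=0
    jq -e 'any(.findings[]; .severity == "high")' results.json > /dev/null || status=$?
    case "$status" in
      0) echo "Critical CSE signals detected"; exit 1 ;;
      1) echo "No high-severity CSE signals detected" ;;
      *) echo "Could not evaluate results.json (jq exit $status)"; exit 1 ;;
    esac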
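The finding format shown earlier on this page carries a `signal_id` but no severity, so a gate can also resolve severity from the registry's signal definitions rather than from scanner output. The following added example (not code from the CSE project) does that and blocks whenever the results cannot be read or a signal ID is not in the local registry snapshot. The `gate` function, its exit codes and the sample data are assumptions made for illustration.

```python
import json

BLOCKING = {"high"}  # the severity value this page's gate checks for

# Constructed sample: scanner results plus a severity index that would be
# built from the "severity" field of each signal.json in a registry snapshot.
SEVERITY_BY_SIGNAL = {"CSE-HIPAA-TECH-ENCRYPT-REST-001": "high"}
RESULTS = json.dumps({"findings": [
    {"finding_id": "f-12345", "signal_id": "CSE-HIPAA-TECH-ENCRYPT-REST-001"},
]})


def gate(results_text, severity_by_signal, blocking=BLOCKING):
    """Return (exit_code, reasons): 0 pass, 1 blocked by findings, 2 input unusable."""
    try:
        findings = json.loads(results_text)["findings"]
    except (ValueError, KeyError, TypeError) as exc:
        return 2, [f"results unreadable: {exc!r}"]
    if not isinstance(findings, list):
        return 2, ["'findings' is not a list"]
    reasons = []
    for finding in findings:
        sid = finding.get("signal_id") if isinstance(finding, dict) else None
        severity = severity_by_signal.get(sid) if isinstance(sid, str) else None
        if severity is None:
            # Unknown or missing ID: block instead of treating it as low severity.
            reasons.append(f"{sid!r}: not in registry snapshot")
        elif severity.lower() in blocking:
            reasons.append(f"{sid}: severity {severity}")
    return (1 if reasons else 0), reasons


if __name__ == "__main__":
    code, why = gate(RESULTS, SEVERITY_BY_SIGNAL)
    print("\n".join(why))
    raise SystemExit(code)
```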

Next Steps

Now that you know how to access CSE data, explore further: