Update README.md documentation for GLPI CVE Plugin

README.md

@@ -1 +1,145 @@
-GLPI-Plugin-CVE-Prototype
+# GLPI CVE Plugin - Prototype
+
+![GLPI CVE Plugin Logo](https://raw.githubusercontent.com/tips-of-mine/GLPI-Plugin-CVE-Prototype/master/docs/images/logo.png)
+
+## Overview
+
+The GLPI CVE Plugin provides a comprehensive vulnerability management system integrated directly into your GLPI installation. The plugin automatically scans your software inventory, identifies vulnerable software versions, and creates alerts based on the Common Vulnerabilities and Exposures (CVE) database.
+
+## Features
+
+- **CVE Database Integration**: Automatically synchronizes with multiple trusted CVE data sources
+- **Automatic Vulnerability Scanning**: Analyzes your GLPI software inventory against known vulnerabilities
+- **Alert Management**: Creates and manages vulnerability alerts with severity categorization
+- **Ticket Integration**: Automatically creates tickets for critical vulnerabilities
+- **Customizable Rules**: Define how vulnerabilities are processed based on severity and other criteria
+- **Dashboard & Reporting**: Visual overview of your vulnerability landscape with statistics
+- **Multi-language Support**: Full internationalization with support for German, English, French, Italian, Polish, Spanish, and Portuguese
+
+## Requirements
+
+- GLPI >= 10.0.0 and <= 10.99.99
+- PHP >= 7.4 and <= 8.2
+- PHP cURL extension
+
+## Installation
+
+1. Download the latest release from the [releases page](https://github.com/tips-of-mine/GLPI-Plugin-CVE-Prototype/releases)
+2. Extract the tarball to your GLPI plugins directory (`glpi/plugins/`)
+3. Rename the extracted directory to `cve` if it's not already named that
+4. Navigate to **Setup > Plugins** in your GLPI web interface
+5. Find the CVE Plugin in the list and click **Install**
+6. Click **Enable** to activate the plugin
+
+## Configuration
+
+### Data Sources
+
+The plugin comes pre-configured with the following CVE data sources:
+- National Vulnerability Database (NVD)
+- MITRE CVE Database
+- CISA Known Exploited Vulnerabilities (KEV) Catalog
+
+You can customize these sources or add new ones:
+
+1. Go to **Tools > Vulnerability > Data Sources**
+2. To add a new source, click the **Add Source** button
+3. Configure:
+   - Source Name: A descriptive name
+   - API URL: The endpoint URL for the CVE data
+   - API Key: If required by the source
+   - Sync Frequency: How often to check for updates (in hours)
+   - Format: JSON, XML, or CSV
+
+### Processing Rules
+
+Configure automated actions to take when vulnerabilities are found:
+
+1. Go to **Tools > Vulnerability > Rules**
+2. Click **Add Rule** to create a new rule
+3. Configure:
+   - Rule Name: A descriptive name
+   - Priority: Lower numbers are processed first
+   - Criteria: Such as vulnerability severity
+   - Actions: Create tickets, send notifications, etc.
+
+## Usage
+
+### Dashboard
+
+The dashboard provides an overview of your vulnerability landscape:
+- Critical and high severity vulnerabilities count
+- Vulnerability distribution by severity
+- Recent vulnerabilities
+- Most vulnerable devices in your inventory
+
+### CVE Management
+
+Browse and search through all known vulnerabilities:
+- Filter by severity, status, and more
+- View detailed information about each CVE
+- Create tickets manually for specific vulnerabilities
+- Access external references
+
+### Inventory Analysis
+
+The plugin automatically scans your software inventory:
+- Go to **Tools > Vulnerability > Software Vulnerability Analysis**
+- Click **Scan Software Inventory Now** to perform a manual scan
+- View vulnerability alerts grouped by software
+
+### Alert Management
+
+Manage vulnerability alerts:
+- Go to **Tools > Vulnerability > Software Vulnerability Alerts**
+- Review alerts with details on affected software
+- Create tickets from alerts
+- Mark alerts as processed or ignored
+
+## Automatic Tasks
+
+The plugin sets up several automatic background tasks:
+
+1. **CVE Synchronization**: Regularly updates the CVE database from configured sources
+2. **Software Vulnerability Analysis**: Scans your software inventory for vulnerabilities
+3. **Old CVE Cleanup**: Removes resolved CVEs after a configurable retention period
+
+You can configure these tasks in **Setup > Automatic actions**.
+
+## Development
+
+### File Structure
+```
+cve/
+├── ajax/               # AJAX request handlers
+├── css/                # CSS styles
+├── front/              # Frontend PHP pages
+├── inc/                # PHP class files
+├── js/                 # JavaScript files
+├── locales/            # Translations
+│   ├── de_DE.mo/po     # German
+│   ├── en_GB.mo/po     # English
+│   ├── fr_FR.mo/po     # French
+│   ├── it_IT.mo/po     # Italian
+│   ├── pl_PL.mo/po     # Polish
+│   └── ...             # Other languages
+├── scripts/            # CLI scripts
+└── tools/              # Development utilities
+```
+
+### Translations
+
+To update translations:
+1. Run `./tools/extract_template.sh` to extract translatable strings
+2. Update PO files with `./tools/update_po.sh`
+3. Compile MO files with `./tools/generate_mo.sh`
+
+## License
+
+This plugin is licensed under the GPL v3+.
+
+## Credits
+
+- GLPI Plugin development team
+- CVE data provided by [NVD](https://nvd.nist.gov/), [MITRE](https://cve.mitre.org/), and [CISA](https://www.cisa.gov/)
+- Contributors to the [GLPI Project](https://glpi-project.org/)