I have a project to research certain applications to determine if there are existing vulnerabilities. My plan is to get a vulnerability database and run some scripts looking for my applications. I expect to minimize but not entirely eliminate some manual review. My question is - what vulnerability database is most useful for this effort? CVE? NVD? OSVDB? Something else? Any advice is most welcome. Jim B. |
Anonymous |
thread locked Quote Subscribe |
Jun 2nd 2014 7 years ago |
All of them. Don't forget secunia. Once you got them aggregated, a query against all should work. CVE is nice to match up entries between them, but there may not be a CVE number for all of the vulnerabilities. |
Johannes 4476 Posts ISC Handler |
Thread locked. Quote |
Jun 6th 2014 7 years ago |
Quoting Anonymous:I have a project to research certain applications to determine if there are existing vulnerabilities. My plan is to get a vulnerability database and run some scripts looking for my applications. I expect to minimize but not entirely eliminate some manual review. |
Anonymous - |
Thread locked. Quote |
Jan 28th 2015 7 years ago |
Securing databases is barely a simple undertaking, however it is regularly the assaults that pursue the most straightforward vulnerabilities that are best. Undertakings that stick to the essentials will create the most blast for their database security bucks. http://laustan.com/master_level.php |
Anonymous - |
Thread locked. Quote |
Feb 27th 2015 7 years ago |
Sign Up for Free or Log In to start participating in the conversation!