How to setup monitoring and alerting for security vulnerabilities

Table of Contents

Case #

You need to be able to monitor the global status of software and hardware security vulnerabilities and receive alerts when such vulnerabilities are released, based on filtering criteria. This should be part of your security and privacy strategy. This KB article provides guidance on how to setup monitoring and alerting for security vulnerabilities.

Solution #

There are various security vulnerability databases (SVD) out there, which organize and disseminate information about security vulnerabilities of hardware, firmware and software from any vendor, product or service. You should register for free with the most prominent SVDs and setup alerts to stay tuned about the most critical released Common Vulnerabilities and Exposures (CVEs). There are generic SVD databases with CVEs as well as vendor-specific SVD services. This article presents the most prominent services. This is not an exhaustive list but is a pretty useful one.

How to setup monitoring and alerting for security vulnerabilities
  • NIST National Vulnerability Database available at https://nvd.nist.gov/. According to NIST, a vulnerability is defined as a weakness in the computational logic (e.g., code) found in software and hardware components that, when exploited, results in a negative impact to confidentiality, integrity, or availability. Mitigation of the vulnerabilities in this context typically involves coding changes, but could also include specification changes or even specification deprecations (e.g., removal of affected protocols or functionality in their entirety).
How to setup monitoring and alerting for security vulnerabilities NIST
  • OpenCVE is a platform used to locally import the list of CVEs and perform searches on it (by vendors, products, CVSS, CWE.). Users subscribe to vendors or products, and OpenCVE alerts them when a new CVE is created or when an update is done in an existing CVE. Many CVE are released every day, but you’re not interested by all of them. OpenCVE allows you to filter the list by subscribing to vendors and their products. You can manually install OpenCVE, or use docker. OpenCVE also provide a running instance on https://www.opencve.io if you don’t want to host it yourself.
How to setup monitoring and alerting for security vulnerabilities OpenCVE

You should register with OpenCVE.io to start receiving personalized alerts to your monitoring mailbox.

  • CVEDetails.com is another CVE database worth mentioning.
  • Vuldb.com is a notenorthy service which offers alerting features to its registered users.
  • Variotdbs.pl is a frontend for a database covering vulnerabilities and exploits related to Internet of Things (IoT) devices, constantly updated by harvesting various sources of information

Powered by BetterDocs