The Surprising Complexity of Finding Known Vulnerabilities

20. March 2024

IT security professionals need an efficient and reliable solution for identifying known vulnerabilities in a software product, given its name and version.

Our colleagues at usd HeroLab place high demands on such a solution. They evaluated several available solutions to arrive at the conclusion that not one of them sufficiently meet their requirements. Core challenges in this area include different names for the same product, complex version numbers and data timeliness. As a consequence, they have started developing their own tool: search_vulns.

Learn more about the challenges of finding known vulnerabilities and the requirements corresponding solutions should meet in our LabNews.

Also interesting:

Security Advisory on Cubro

Security Advisory on Cubro

The pentest professionals at usd HeroLab examined Cubro EXA48200 during the execution of their projects. A vulnerability was discovered in the User Management API that could allow authenticated attackers to gain administrative privileges via a single HTTP request. The...

Categories

Categories