Tag Archives: vulners.com

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. I just had to do the final test. Many thanks to them for this!

Alternative video link (for Russia): https://vk.com/video-149273431_456239113

How can the support of these two APIs in Scanvus be useful?

Now there is no binding to one vendor. Choose which service and price you prefer.
The set of supported operating systems varies between Vulners.com and Vulns.io. If a particular Linux distribution is not supported by one vendor, it may be supported by another vendor.
Vulners and Vulns.io implemented vulnerability checks independently of each other. If the results differ when scanning the same host/image, then implementation errors will be clearly visible.
Scanvus is released under the MIT license, so you can use it as an example of working with the Vulners.com and Vulns.io APIs and use this code in your projects.

Continue reading →

Scanvus – my open source Vulnerability Scanner for Linux hosts and Docker images

Example of output

For all targets the output is the same. It contains information about the target and the type of check. Then information about the OS version and the number of Linux packages. And finally, the actual information about vulnerabilities: how many vulnerabilities were found and the criticality levels of these vulnerabilities. The table shows the criticality level, bulletin ID, CVE list for the bulletin, and a comparison of the invulnerable fixed package version with the actual installed version.

This report is not the only way to present results. You can optionally export the results to JSON (OS inventory data, raw vulnerability data from Vulners Linux API or processed vulnerability data).

Continue reading →

Vulners Linux Audit API: Security Bulletin Publication Dates in Results

Vulristics May 2022 Update: CVSS redefinitions and bulk adding Microsoft products from MS CVE data

1 Reply

Hello everyone! In this episode, I want to talk about the latest updates to my open source vulnerability prioritization project Vulristics.

Alternative video link (for Russia): https://vk.com/video-149273431_456239088

CVSS redefinitions

A fairly common problem: we have a CVE without an available CVSS vector and score. For example, this was the case with CVE-2022-1364 Type Confusion in V8 (Chromium). This vulnerability does not exist in NVD.

Continue reading →

Microsoft Patch Tuesday April 2022 and custom CVE comments sources in Vulristics

VMconf 22: Blindspots in the Knowledge Bases of Vulnerability Scanners

1 Reply

Hello everyone! This video was recorded for the VMconf22 Vulnerability Management conference. I want to talk about the blind spots in the knowledge bases of Vulnerability Scanners and Vulnerability Management products.

This report was presented in Russian at Tenable Security Day 2022. The video is here.

Potential customers rarely worry about the completeness of the Knowledge Base when choosing a Vulnerability Scanner. They usually trust the VM vendors’ claims of the “largest vulnerability base” and the total number of detection plugins. But in fact the completeness is very important. All high-level vulnerability prioritization features are meaningless unless the vulnerability has been reliably detected. In this presentation, I will show the examples of blindspots in the knowledge bases of vulnerability management products, try to describe the causes and what we (as customers and the community) can do about it.

Continue reading →

AM Live Vulnerability Management Conference Part 2: What was I talking about there

3 Replies

Hello all! It is the second part about AM Live Vulnerability Management conference. In the first part I made the timecodes for the 2 hours video in Russian. Here I have combined all my lines into one text.

What is Vulnerability Management?

Vulnerability Management process is the opposite of the admin’s saying “If it works – don’t touch it!”. The main idea of this process is to somehow fix the vulnerabilities. How do you achieve this is not so important. Maybe you will have a nice Plan-Do-Check-Act process and strict policies. Maybe not. The main thing is that you fix vulnerabilities! And the main problem is to negotiate this regular patching with system administrators and service owners.

Continue reading →

This is my personal blog. The opinions expressed here are my own and not of my employer. All product names, logos, and brands are property of their respective owners. All company, product and service names used here for identification purposes only. Use of these names, logos, and brands does not imply endorsement. You can freely use materials of this site, but it would be nice if you place a link on https://avleonov.com and send message about it at me@avleonov.com or contact me any other way.

Alexander V. Leonov

Vulnerability Management and more

Tag Archives: vulners.com

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

How can the support of these two APIs in Scanvus be useful?

Scanvus – my open source Vulnerability Scanner for Linux hosts and Docker images

Example of output

Vulners Linux Audit API: Security Bulletin Publication Dates in Results

Vulristics May 2022 Update: CVSS redefinitions and bulk adding Microsoft products from MS CVE data

CVSS redefinitions

Microsoft Patch Tuesday April 2022 and custom CVE comments sources in Vulristics

VMconf 22: Blindspots in the Knowledge Bases of Vulnerability Scanners

AM Live Vulnerability Management Conference Part 2: What was I talking about there

What is Vulnerability Management?