Using the NIST Database and API to Keep Up with Vulnerabilities and Patches (Part 1 of 3), (Thu, Jan 7th)

It’s been a while since NIST changed the API for their NVD (National Vulnerability Database), so I (finally) got around to writing some code against that API. This API gives you a way for your code to query CVEs (Common Vulnerabilities and Exposures) against a broad range of products (or against specific products). What this immediately brought to my mind was what I always ask my clients to put in someone’s job description: “monitor vendor announcements and industry news for vulnerabilities in the products in use by the organization”. This can be a tough row to hoe, especially if we’re not talking about the Microsoft / Cisco / Oracle and other “enterprise flagship” products (the ones that might immediately come to mind). If you monitor the CVE list, you’ll see dozens or hundreds of CVEs scroll by in a day. Subscribing to all the vendor security newsgroups and feeds can also quickly turn into a full-time proposition. I think using the NIST API can be a viable alternative to just plain “keeping up”. CVEs are often a few days behind vendor announcements and patches, but on the other hand the CVE database is a one-stop shop: (theoretically) everything is posted here.

Article Link: https://isc.sans.edu/diary/rss/26958