Better Data Makes for Better Decision-Making Across Your Enterprise

VulnDB provides the richest, most complete vulnerability intelligence available to help you address points of risk across your organization – from application development and IT to security operations, vendor risk management and procurement. VulnDB’s timely, high quality, actionable data on all of the latest-known vulnerabilities enables informed decision-making critical to building, buying and maintaining the most secure systems for your business. With over 90,000 additional vulnerabilities not found in the frequently relied-on Common Vulnerabilities and Exposures (CVE) database, VulnDB intelligence strengthens security for all of your vulnerability management initiatives.

Developers: Manage 3rd Party Risks Hiding in Your Applications

It’s standard practice for application developers to integrate third party libraries and other Open Source Software (OSS) into applications that are internally deployed or externally sold. While there are big efficiency benefits in communal code sharing, unknown vulnerabilities lurk in those libraries, putting your applications at risk. With over thousands of OSS vendors and products monitored, VulnDB delivers the most comprehensive third-party library and OSS vulnerability data available.

The Security Team: Circumvent Scanning's Shortcomings

While scanning tools can capture installed devices through point-in-time snapshots, they rely on properly designed signatures from known vulnerabilities to identify your risks. With most scanning tools relying on CVE for vulnerability intelligence, depending on a scan to identify infrastructure risks places your organization at a disadvantage. VulnDB evolves your vulnerability remediation approach, arming

you with fast, current insights about all of the vulnerabilities associated with the technologies in your environment. VulnDB’s extensive metadata helps you prioritize the vulnerabilities that need to be most quickly addressed and allows you to stay current with email alerts easily created through the VulnDB Portal.

Procurement and Vendor Risk Management: Know What You're Buying

VulnDB’s extensive vulnerability, product and vendor metadata is the basis for our best-in-class Five-Star vendor rating system, Vulnerability Timeline and Exposure Metrics. VTEM is VTEM framework defines vulnerability timeline tracking and provides metrics to assist organizations in evaluating software vendors and products while providing insight into potential exposure. For higher-risk technologies already in your

infrastructure, our ratings data lets you quickly know where to prioritize both vendor risk management and remediation efforts.

Flexible Access to VulnDB Intelligence

Derived from a proprietary search engine and daily analysis of thousands of vulnerability sources, VulnDB provides more than sixty unique, up-to-the-moment data points, such as cross-referenced vulnerability IDs, vendor, product, library, attack type, exploit, impact, location, solution, disclosure dates, CVSS score and specific references. Choose the access method that best suits your needs:

  1. SaaS Portal. Our AWS-based SaaS Portal provides fast data access with no hardware or software installation required. Drill down on specific vendors for vulnerability data and key metrics, comparing and avoiding risky technologies or vendors with poor track records.

  2. Alerts. Use the Portal to set real-time My Alerts – available through email or Slack channel – to stay on top of the latest-breaking vulnerability intelligence. Instant awareness means faster time to remediation action and lower risk to your business.

  3. Data. Opt for a direct data feed using our Representational State Transfer (RESTful) APIs. With more than two dozen customizable APIs to choose from, you can download our partial or entire vulnerability database, then integrate data where you need it. VulnDB maps to all the leading tools like Archer, Service Now, Splunk, ITIL ticketing, Asset Management/CMDB, SIEM solutions, and even to internally developed tools. This ready integration eliminates scan duplication, reduces risk and shortens time to resolution.


VulnDB Vulnerability Intelligence
Did this answer your question?