The Surprising Complexity of Finding Known Vulnerabilities

20. March 2024
News | Pentests & Security Analyses

IT security professionals need an efficient and reliable solution for identifying known vulnerabilities in a software product, given its name and version.

Our colleagues at usd HeroLab place high demands on such a solution. They evaluated several available solutions to arrive at the conclusion that not one of them sufficiently meet their requirements. Core challenges in this area include different names for the same product, complex version numbers and data timeliness. As a consequence, they have started developing their own tool: search_vulns.

Learn more about the challenges of finding known vulnerabilities and the requirements corresponding solutions should meet in our LabNews.

Pentest | Security Analysis | SECURITY RESEARCH | VULNERABILITIES

Also interesting:

DORA Deep Dive: Threat-Led Penetration Testing (TLPT)

DORA Deep Dive: Threat-Led Penetration Testing (TLPT)

Dec 11, 2025

Since the publication of the original blog post in May 2024, the final version of the RTS for TLPT has been released. The blog post has been updated accordingly and now covers the current requirements. The Digital Operational Resilience Act (DORA) came into force on...

Red Teaming: 5 Questions Every IT Leader Wants Answered

Red Teaming: 5 Questions Every IT Leader Wants Answered

Dec 3, 2025

Many companies invest in firewalls, endpoint protection, and awareness training, assuming that this puts them in a strong position. But the reality is different: attackers do not think in terms of tools, but in terms of targets. They combine technical vulnerabilities...

Categories

Categories

#BeAware Cloud Security Customer Stories  | Cyber Defence  |  Cybersecurity Tips  |  Events & Community Financial Sector & Compliance  |  Life@usd  |  News  |  PCI -Tipps  |  PCI News Pentest Insights  |  Security Audits  |  Security Research  |  usd Updates