The Surprising Complexity of Finding Known Vulnerabilities

20. March 2024

IT security professionals need an efficient and reliable solution for identifying known vulnerabilities in a software product, given its name and version.

Our colleagues at usd HeroLab place high demands on such a solution. They evaluated several available solutions and concluded that not one of them sufficiently meets their requirements. Core challenges in this area include different names for the same product, complex version numbers and data timeliness. As a consequence, they have started developing their own tool: search_vulns.

Learn more about the challenges of finding known vulnerabilities and the requirements corresponding solutions should meet in our LabNews.
