The Surprising Complexity of Finding Known Vulnerabilities

20. March 2024
News | Pentests & Security Analyses

IT security professionals need an efficient and reliable solution for identifying known vulnerabilities in a software product, given its name and version.

Our colleagues at usd HeroLab place high demands on such a solution. They evaluated several available solutions to arrive at the conclusion that not one of them sufficiently meet their requirements. Core challenges in this area include different names for the same product, complex version numbers and data timeliness. As a consequence, they have started developing their own tool: search_vulns.

Learn more about the challenges of finding known vulnerabilities and the requirements corresponding solutions should meet in our LabNews.

PENTEST | SECURITY ANALYSIS | SECURITY RESEARCH | VULNERABILITIES

Also interesting:

Security Advisories on hugocms and Gitea

Security Advisories on hugocms and Gitea

Jul 25, 2024

The pentest professionals at usd HeroLab examined hugocms and Gitea during their pentests. Thereby, several vulnerabilities were identified. The vulnerabilities were reported to the vendors as part of the Responsible Disclosure Policy. The usd HeroLab Advisories can...

DORA Requirements Become More Concrete: Further RTS and ITS Published

DORA Requirements Become More Concrete: Further RTS and ITS Published

Jul 23, 2024

The Digital Operational Resilience Act (DORA) aims to strengthen digital resilience in the European financial sector. To this end, the EU regulation formulates corresponding requirements for affected financial institutions and their third-party ICT service providers...

Categories

Categories

#BeAware Cloud Security Customer Stories  | Cyber Defence  |  Cybersecurity Tips  |  Events & Community Financial Sector & Compliance  |  Life@usd  |  News  |  PCI -Tipps  |  PCI News Pentest Insights  |  Security Audits  |  Security Research  |  usd Updates