all InfoSec news
Automating CVE search
Oct. 26, 2023, 11:24 a.m. | dh0ck
System Weakness - Medium systemweakness.com
I was recently automating the search for CVEs affecting some assets. A real life saver for automating this process is to use CPE codes (Common Platform Enumeration). This standard indicates in different fields things like a vendor for a product, the product itself, its version, etc, following:
cpe:<cpe_version>:<part>:<vendor>:<product>:<version>:<update>:<edition>:<language>:<sw_edition>:<target_sw>:<target_hw>:<other>
(https://en.wikipedia.org/wiki/Common_Platform_Enumeration)
For example, part can have the values “a” (application), “o” (operating system) and “h” (hardware).
The following endpoint of NIST’s NVD returns CVEs discovered in a range of dates: …
More from systemweakness.com / System Weakness - Medium
OSI Model & TCP/IP Comparison
1 day, 1 hour ago |
systemweakness.com
Clocky | TryHackMe Write-up
2 days, 19 hours ago |
systemweakness.com
Tuesday Morning Threat Report: Apr 30, 2024
2 days, 19 hours ago |
systemweakness.com
Jobs in InfoSec / Cybersecurity
QA Customer Response Engineer
@ ORBCOMM | Sterling, VA Office, Sterling, VA, US
Enterprise Security Architect
@ Booz Allen Hamilton | USA, TX, San Antonio (3133 General Hudnell Dr) Client Site
DoD SkillBridge - Systems Security Engineer (Active Duty Military Only)
@ Sierra Nevada Corporation | Dayton, OH - OH OD1
Senior Development Security Analyst (REMOTE)
@ Oracle | United States
Software Engineer - Network Security
@ Cloudflare, Inc. | Remote
Software Engineer, Cryptography Services
@ Robinhood | Toronto, ON