PHDays 10: Prioritizing CVEs with Vulristics open source extensible framework
Vulristics (vulnerability and heuristics) is an open-source extensible framework for analyzing generally available information on public CVE vulnerabilities. The project started as a tool for making reports on Microsoft Patch Tuesday vulnerabilities. Now, with Vulristics you can analyze (categorize, prioritize) any CVE set, using data from vulners.com, Microsoft website, the National Vulnerability Database (NVD), and AttackerKB. The speaker will give an in-depth talk about using Vulristics to prioritize vulnerabilities. He will also talk about why it is important to know how to prioritize known vulnerabilities and which extra sources of data can be used to prioritize vulnerabilities.