search

cve-search / vulnerability-lookup

Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).
https://www.vulnerability-lookup.org
GNU Affero General Public License v3.0
147 stars 16 forks source link

Product watch list? #87

Open idev opened 1 week ago

idev commented 1 week ago

Hello,

for larger companies it may makes sense to have some kind of a watch list for products in use. Benefit would be to get a more streamlined feed of relevant vulnerabilities.

Thank you

cedricbonhomme commented 1 week ago

Hi,

You can integrate the API in your tools. There is a dedicated endpoint which returns vulnerabilities related to vendor/product. Have a look at /api/vulnerability/search/{vendor}/{product} in the OpenAPI documentation. Every time you query this endpoint you will get the new vulnerabilities associated to the product.

It is also possible to use /api/vulnerability/browse/{vendor} if you want to be less specific.

A lot of feeds are as well available: https://vulnerability.circl.lu/documentation/feeds.html#examples

In the future we will implement a notification system. But for this we need first to implement backend pub/sub service.