VulnCheck’s new database tracks exploits for fresh vulnerabilities in real time and allows for search using CVE IDs. Cybersecurity professionals who need to track the latest vulnerability exploits now have a new tool designed to make their job easier, with the launch today of VulnCheck XDB, a database of exploits and proof of concepts hosted on Git repositories.The tool, from cyberthreat intelligence provider VulnCheck, is aimed at helping vulnerability researchers and security teams prioritize vulnerabilities based on the availability and criticality of new exploits that have been made public.“There is a significant gap in exploit databases available today for modern security teams,” said Anthony Bettini, CEO and founder of VulnCheck. “That’s why we’re excited to launch XDB. This complementary tool will be instrumental in helping researchers, offensive teams and detection engineers solve the vulnerability prioritization challenge and bolster security.” VulnCheck XDB is an open, license-less service and is available to users at launch. It sources information from Git providers like GitHub, GitLab, and Gitee. Legacy exploit databases are slow, lack detailsA major shortcoming of legacy databases is the “single file” model they are designed on, according to Bettini. Exploits these days are often projects with variety of functionalities, spanning multiple files like configuration files and command line interface files.“These multifile projects often appear on git repositories (like GitHub), and legacy databases don’t support multiple files,” Bettini said. “Usually, when multiple files are involved, other exploit databases don’t include it or fold all the files into a single ZIP file, making them unreadable on the websites.” Another drawback to legacy databases is that they are people curated exploit databases and are extremely slow to be relied on, Bettini said. VulnCheck, on the other hand, is offering an autonomous software system for tracking exploit and proof of concept code in real time.“A problem with vulnerability databases today is that we only get basic information about the severity of the vulnerability (CVS scores) and effected version details,” said Edouard Viot, vice president of product at GitGuardian, a provider of code security software. “A working exploit can inform a business about the risk of their own infrastructure, or testing the efficiency of an existing security control.”VulnCheck XDB features CVE indexingXDB will be hosted as an autotracking, complementary tool on VulnCheck’s website and will feature the option to search by common vulnerabilities and exploits (CVE) IDs for discovering vulnerabilities with written exploits. The fact that it’s well-linked to CVE-ID will be more interesting for organizations that have CVE alerts and want to assess their real risk, according to Viot.“Application makers only write 10% of their code, 90% of their attack surfaces are the framework that they use. These frameworks use sub-libraries with, on average, three vulnerabilities per year. So, an application maker has a lot of CVE to manage on their own application because of the dependencies. Having access to the exploitation code could help to do what we call an ‘impact analysis’,” Viot said.There are other automatically updated programs designed to allow security professionals to check on new exploits, including from cybersecuirty comnpany Exploit DB — but VulnCheck also claims to cover exploits written in other countries or hosted on foreign sites, like Gitee. “At this time, we’re unaware of any other exploit database making any attempt to track exploits written in foreign countries like China,” Bettini said. Related content news New CISO appointments 2024 Keep up with news of CSO, CISO, and other senior security executive appointments. By CSO Staff Apr 26, 2024 14 mins CSO and CISO IT Jobs IT Governance news Top cybersecurity product news of the week New product and service announcements from Forcepoint, Ionix, Amplifier Secutiry and Torq. By CSO staff Apr 26, 2024 81 mins Generative AI Security feature Looking outside: How to protect against non-Windows network vulnerabilities Security administrators who work in Windows-based environments should heed the lessons inherent in recent vulnerability reports. By Susan Bradley Apr 25, 2024 7 mins Windows Security Network Security Security Practices brandpost Sponsored by Palo Alto Networks Cloud security teams: What to know as M&A activity rebounds in 2024 Direct visibility is critical in M&A, and cloud-native application protection platforms (CNAPP) are ideal to provide this capability. By Amol Mathur, SVP & GM of Prisma Cloud, Palo Alto Networks Apr 25, 2024 4 mins Cloud Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe