Finding Published Vulnerabilities
Explore how to identify published vulnerabilities in third-party libraries, network services, and operating systems. Understand the importance of using diverse sources like CVE databases, forums, and official sites, and learn to document and rotate responsibility for vulnerability searches. Gain practical insights to regularly monitor and manage security risks for your network.
We'll cover the following...
So now we have a list of the third-party libraries, networked services, and operating systems in use on our network. Wherever possible, we also have version numbers. This list might not be complete, and might never be complete, but it’s still useful. Now we need to see what vulnerabilities have been published for this software.
Searching for vulnerabilities is manual
Searching for vulnerabilities is a manual effort. There isn’t a lot of consistency in how vulnerabilities are reported, and there isn’t a single centralized location for all vulnerabilities across every piece ...