Skip to content

Commit 0082d34

Browse files
cedricbonhommecedricbonhomme
committed
Various small additions.
1 parent 78b746e commit 0082d34

File tree

2 files changed

+36
-2
lines changed

2 files changed

+36
-2
lines changed

content/_index.md

Lines changed: 15 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,8 @@ Vulnerability-Lookup facilitates quick correlation of vulnerabilities from vario
1111
## Explore
1212

1313
{{< cards >}}
14-
{{< card link="https://vulnerability.circl.lu" title="Instance operated by CIRCL" icon="book-open" >}}
14+
{{< card link="https://github.com/cve-search/vulnerability-lookup" title="The project on GitHub" icon="github" >}}
15+
{{< card link="https://vulnerability.circl.lu" title="Instance operated by CIRCL" icon="server" >}}
1516
{{< card link="https://vulnerability.circl.lu/documentation" title="Docs" icon="book-open" >}}
1617
{{< card link="about" title="About" icon="user" >}}
1718
{{< /cards >}}
@@ -21,6 +22,17 @@ feel free to create an account on the [the official instance](https://vulnerabil
2122

2223
## Features
2324

25+
- **API**: A comprehensive and fast lookup API for searching vulnerabilities and identifying correlations by vulnerability identifier.
26+
- **Feeders**: Modular system to import vulnerabilities from different sources.
27+
- **CVD process**: Creation, edition and fork/copy of Security Advisories with the [vulnogram editor](https://github.com/Vulnogram).
28+
Support of local vulnerability source per Vulnerability-Lookup instance.
29+
- **Sightings**: Users have the possibility to add observations to vulnerabilities with different types of sightings, such as:
30+
*seen*, *exploited*, *not exploited*, *confirmed*, *not confirmed*, *patched*, and *not patched*.
31+
- **Comments**: Ability to add, review and share comments on vulnerability advisories.
32+
- **Bundles**: Possibility to create bundles of vulnerability advisories with a description.
33+
- **RSS/Atom**: An extensive RSS and Atom support for vulnerabilities and comments.
34+
- **EPSS**: Integration of the Exploit Prediction Scoring System score.
35+
2436

2537

2638
## Funding
@@ -30,4 +42,5 @@ feel free to create an account on the [the official instance](https://vulnerabil
3042

3143
The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.
3244

33-
vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.
45+
vulnerability-lookup is co-funded by [CIRCL](https://www.circl.lu) and by the European Union.
46+
Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.

content/about.md

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
---
2+
title: About
3+
toc: false
4+
---
5+
6+
7+
Vulnerability-Lookup is a rewritten version of cve-search, an open-source tool initially aimed at maintaining a local CVE database. The original cve-search had design and scalability limitations, and its public instance operated by CIRCL is maxing out at 20,000 queries per second.
8+
9+
As vulnerability sources have diversified beyond the NVD CVE, a new tool was needed to support the CVD process, allowing for bundling, commenting, publishing, and extending vulnerability information in a collaborative manner.
10+
11+
12+
## License
13+
14+
Vulnerability-Lookup is free software released under the "GNU Affero General Public License v3.0".
15+
16+
~~~
17+
Copyright (c) 2023-2024 Computer Incident Response Center Luxembourg (CIRCL)
18+
Copyright (c) 2023-2024 Alexandre Dulaunoy - https://github.com/adulau
19+
Copyright (c) 2023-2024 Raphaël Vinot - https://github.com/Rafiot
20+
Copyright (c) 2024 Cédric Bonhomme - https://github.com/cedricbonhomme
21+
~~~

0 commit comments

Comments
 (0)