Skip to content

Vulnerability Correlation and Detection Engine

Notifications You must be signed in to change notification settings

stfinney/vcad-engine

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

http://bsmartt13.github.com/vcad-engine/

Vulnerability Correlation and Detection Engine (VCAD) for OSSIM

VCAD is a lightweight vulnerability scanner which is intended for use inside of Alienvault's OSSIM.

The idea of this project is to decouple Network probing from analysis in vulnerability scanning. OSSIM is constantly probing the network for hosts with NMAP. VCAD takes advantage of this continuously incoming information by doing correlation between it and a vulnerability database (a local copy of OSVDB).

Due to the lack of network probing VCAD is fast. The time it takes to run VCAD is a direct result of algorithmic complexity (not network latency).

Currently, VCAD is designed to work within OSSIM. However, abstracting VCAD out of OSSIM is within the realm of possibility and something we are interested in.

To use VCAD, download the files to your ossim instance and run install-vcad.sh. This will put the files in the correct places and build the lookup table (~1-2 seconds).


Project authors: Bill Smartt , Scott Finney, Bin Lu,

About

Vulnerability Correlation and Detection Engine

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • PHP 92.6%
  • Python 6.7%
  • Shell 0.7%