NopSec.com uses cookies to make interactions with the Company’s Websites easy and meaningful. When you visit one of the Company’s Websites, NopSec.com’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to NopSec.com, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Us” or a “Free Trial” Web form), you remain anonymous to the Company. Please go to our privacy statement for details.

Acknowledge

ThreatForce: The Vulnerability and Threat Search & Correlation Engine

NopSec has just launched ThreatForce – a flagship security vulnerability search engine that makes it easy for security analysts to gain a consolidated view of vulnerabilities by CVE correlated with threat, exploit and other public sources.

threatforce

NopSec ThreatForce offers a summary and detailed results with correlation and links to:

  • Exploit-DB and Metasploit DB of exploits
  • All related patch links under different vendors covering Linux, Unix, Windows, and mobile OS flavors.
  • Snort and Suricata IDS signatures
  • Correlated DB of malware and exploit kits
  • CWE, CPE, CAPEC and OVAL related links.
  • CVSS score and related components
  • Date published
  • OS
  • Attack vector

On the left-hand side of the result page you can see the advanced filters that help narrow down the orginal query results. Some of the filters that can be applied include:

  • CVEs with patches
  • CVEs related to malware
  • CVEs with public exploits
  • CVEs found in exploit packs
  • Risk Factor
  • CVSS score slider
  • Vendors (CPE)
  • Attack Vectors (CWE)
  • Published date
  • A number of reference links can also be found in the detail section of the CVE, found by clicking on it.

As a use-case / example, you can plug in the following search string to find all the vulnerabilities in JAVA related to version 6 and 7.

The ThreatForce search engine and backend database is updated on a daily basis. More details and correlations will be added to the search engine in future releases.  We welcome your ideas on additional sources you would like to see included.  Send your feedback to info@nopsec.com.

We invite you to take ThreatForce for a spin. Happy vulnerability hunting!!

Schedule a Product Demo Today!

See how NopSec's security insights and cyber threat exposure management platform can organize your security chaos.