It allows you to take a zero day exposure or impact on a bespoke system - analyse the real likelihood of exploitation associated with it; then it relates your findings to similar bugs and therefore gain historic precedents and matching technical categorizations within NISTs' National Vulnerability Database (NVD).
Designed to be used with the CVSS calculator, the work bench helps you:
* Plot a pretty graph for your management report for each risk & Common Vulnerability Scoring System (CVSS) calculation
* Find Common Vulnerabilities and Exposures (CVE®) which match your target CVSS vector
* Search for a Common Weakness Enumeration (CWE) entries that match a CVE
* Match a Common Weakness Enumeration (CWE) your text search criteria
* Search for a Common configuration enumeration (CCE) by Operating System and text
* Relate an entry to BS7799 & ISO27001
* Relate an entry to SP800-53
* Relate an entry to PCI-DSS
This is part of the Cyber Attack, CyberCrime, CyberWarfare - CyberComplacencycharity project. This is an early release version which does not include the full NVD database and PCI-DSS / IS1 tables.
The APP runs on android - but has a back-end based on EC2, Jason, REST, XML, Python and PHP.