A popular source for vulnerability data is NVD (National Vulnerability Database) maintained by NIST (National Institute of Standards and Technology). Since 2005 they aggregate data from the CVE program and partially enrich it with their own data points like CPE strings and CVSS scoring.

We do not depend on NVD

We do not depend on NVD as a primary source. Therefore, disruptions, slowdowns, and downshifts do not influence our vulnerability data processing in any way.

We incorporate NVD data if available

As a secondary source we use NVD data for verification and enrichment. For example their CVSS scores are shown as an alternative to our own CVSS scoring and therefore adds to our data points. We do also add their CPE data if it is able to enrich our own assignments.

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!