As a Threat Intelligence Analyst we are required to monitor the third-party product used by our organization for any vulnerabilities which is required to notified to security team.
Also, we need to create the watchlist for those product and services to monitor the existing vulnerability list.
I am searching for a good open source tool to achieve this in my organization. and if you known any please share in comment section.
I am going to use Maltego Community Edition for third part risk management.
In Maltego there is an option called “Transform Hub” which contains multiple apps used for the different investigation purpose.
In our case we are going to use “NIST NVD” to query CVE information from NIST National Vulnerability Database.
It doesn't required any API to integrate with Maltego.
After installing the NIST NVD in Maltego, lets go and query our products to get the vulnerability information.
Open new graph page for our analysis, then import a entity called CPE which is Common Platform Enumeration from the list.
Now, we need to identify the proper name to do searching in maltego.
To identify the CPE name, please search the product name in the below link.
Lets say we are using Apache Tomcat for example, first we need to identify the CPE name and then we need to run the search based on that.
You will get all the list of products and version name to do search in Maltego.
this particular exercise is help to get the vulnerabilities and risk information of our organization additionally it also helps to prioritize the third party vulnerabilities and for maintaining watchlist.