Three weeks ago, we introduced VulnCheck CPE enrichment to support the security community while the National Vulnerability Database (NVD) has experienced delays in processing new vulnerabilities. CPE generation is crucial for vulnerability tools and security teams, facilitating the mapping of software vulnerabilities (CVEs) to products.
Since the launch of NVD++ with CPE enrichment three weeks ago, we've received numerous inquiries about VulnCheck CPE.
Q: Are you truly providing CPE to the community at no cost?
A: Yes, we are offering VulnCheck CPE enrichment as a community service, free of charge for organizations. As a commitment to the security community, we consider CPE a vital function and have decided to include it in both our community service NVD++ and our commercial service VulnCheck NVD.
Q: What is VulnCheck’s CPE coverage?
A: Our efforts have been concentrated on maximizing CPE coverage for mainstream vendors and products. Currently, we maintain 100% coverage of 46 CVE Numbering Authorities (CNAs) and generate CPE for 117 out of 181 CNAs. To provide better visibility into our coverage, we've created a data visualization tool.
Q: How can I access VulnCheck CPE Enrichment?
A: VulnCheck CPE enrichment is accessible when you join the VulnCheck Community. You can sign up for a free community account here. Our documentation outlines how to access VulnCheck CPE here.
Additionally, we've created a video to provide a guided walkthrough on accessing VulnCheck CPE enrichment.
We are actively working on expanding our automated CPE generation and refining accuracy in response to the NVD pause. If you have feedback or questions, please email us at community@vulncheck.com
VulnCheck NVD++ provides the security community with a dependable alternative for maintaining a persistent connection to NIST NVD CVE data, empowering users with seamless and reliable access to this critical public resource.
To learn more about VulnCheck NVD++, please visit: https://vulncheck.com/nvd2
About VulnCheck
Are you interested in exploring threat actors? Do you want to track the vulnerabilities they are exploiting in the wild? If so, VulnCheck's Exploit & Vulnerability Intelligence has broad threat actor coverage. Register and demo our data today.