Analytical Tools and Programs
For more information about any of the following tools and programs, please contact info@us-cert.gov.
-
National Vulnerability Database (NVD)
The NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance.
-
Vulnerability Notes
Vulnerability Notes contain information about vulnerabilities and include summaries, technical details, remediation information, and lists of affected vendors.
-
Vulnerability Card Catalog
Authorized users can log into the Vulnerability Card Catalog to access information regarding emerging vulnerabilities reported to the CERT Coordination Center. To determine if you are eligible for obtaining access, please refer to the CERT Knowledgebase FAQ.
-
US-CERT Portal
The US-CERT Portal provides a secure, web-based, collaborative system to share sensitive, cyber-related information and news with participants in the public and private sector, including GFIRST, the CISO Forum, NCRCG, ISAC members, and various other working groups. Authorized users can visit the US-CERT Portal.
-
US-CERT Einstein Program
This program provides an automated process for collecting, correlating, analyzing, and sharing computer security information across the federal government to improve our nation's situational awareness.
-
Security Configuration Benchmarks and Scoring Tools
The Center for Internet Security (CIS) has security configuration benchmarks and scoring tools, many of which can be downloaded free of charge. Visit the Security Benchmarks website.
-
Build Security In
A website that includes software assurance and software security information to help developers, architects, and security practitioners create secure systems. Visit the Build Security In website.