Request: Vulnerability assessment


#1

I know this is a huge ask…

Ever since the demise of Secunia Personal software Inspector, I have been looking for a new vulnerability assessment tool. I have yet to find one. Lots of update managers, but I am really only concerned if something I am running has a security vulnerability.

GlassWire does a fantastic job by checking programs at VirusTotal to see if they may contain malicious code.

Another pillar of security is keeping software patched for security vulnerabilities. If GlassWire could also check software running on my machine against a CVE list and let me know if something I am running has a security vulnerability, for which a patch is available, that would be HUGE.

It does not have to be immediate. For example Secunia Personal Software Inspector only checked once a week to see if there were vulnerable programs installed. I think that was adequate for what the program was doing. I don’t think a feature like this added to GlassWire should slow things down. Vulnerability checks could be run as a low-priority task. And I don’t think automatic patching is all that important (which was a nice feature of Secunia PSI).

Chris


#3

@CTaylor

Cool idea! We will see if there is some public database/info online that can help with this. Without some kind of database it would be difficult to do this.


#4

I agree you would need a database.

I am far from experienced at this sort of thing, but I think the “master” for CVEs is US-CERT’s list at https://cve.mitre.org/cve/data_feeds.html

Chris


#5

I really like this idea! +1


#6

great idea! +1

20char


#7

You could probably feed back into the database based on users blocking sites. (and possibly with a reason and rating option)


#8

Please don’t i like GW the way it is, and the little incremental improvements along the way. “GW is a firewall” and if it starts to add things like this, whats next? a file shredder, registry scanner, clean and speed up my computer, uninstall software. This could make GW become bloatware with more system resource needed. Please leave GW the way it was intended for. Just my thoughts.