Request: Vulnerability assessment

CTaylor · May 23, 2018, 11:21am

I know this is a huge ask…

Ever since the demise of Secunia Personal software Inspector, I have been looking for a new vulnerability assessment tool. I have yet to find one. Lots of update managers, but I am really only concerned if something I am running has a security vulnerability.

GlassWire does a fantastic job by checking programs at VirusTotal to see if they may contain malicious code.

Another pillar of security is keeping software patched for security vulnerabilities. If GlassWire could also check software running on my machine against a CVE list and let me know if something I am running has a security vulnerability, for which a patch is available, that would be HUGE.

It does not have to be immediate. For example Secunia Personal Software Inspector only checked once a week to see if there were vulnerable programs installed. I think that was adequate for what the program was doing. I don’t think a feature like this added to GlassWire should slow things down. Vulnerability checks could be run as a low-priority task. And I don’t think automatic patching is all that important (which was a nice feature of Secunia PSI).

Chris

Ken_GlassWire · May 23, 2018, 12:15pm

@CTaylor

Cool idea! We will see if there is some public database/info online that can help with this. Without some kind of database it would be difficult to do this.

CTaylor · May 23, 2018, 1:33pm

I agree you would need a database.

I am far from experienced at this sort of thing, but I think the “master” for CVEs is US-CERT’s list at https://cve.mitre.org/cve/data_feeds.html

Chris

zzz00m · May 24, 2018, 6:03pm

I really like this idea! +1

X_Naquada · May 29, 2018, 1:24pm

great idea! +1

20char

Patrick_Tyrus · December 14, 2018, 8:00pm

You could probably feed back into the database based on users blocking sites. (and possibly with a reason and rating option)

GlassWare · December 14, 2018, 9:25pm

Please don’t i like GW the way it is, and the little incremental improvements along the way. “GW is a firewall” and if it starts to add things like this, whats next? a file shredder, registry scanner, clean and speed up my computer, uninstall software. This could make GW become bloatware with more system resource needed. Please leave GW the way it was intended for. Just my thoughts.