National Vulnerability Database Paper

448 Words2 Pages

Analysis of National Vulnerability Database
One of the major reasons of the problems in an organization’s network is the application vulnerabilities. To help mitigate the application vulnerabilities, measurement of the overall IT security of the organization, and support regulatory compliance, National Vulnerability Database (NVD) is an online repository available for general public usage, published and maintained by the National Institute of Standards and Technology (NIST), and sponsored by National Cyber Security Division of Department of Homeland Security. In addition, NVD includes five primary elements: checklists of security, flaws of the software, problems in configuration, the names of the application, and metrics of impact (NIST, 2015). …show more content…

This expansive database is extremely valuable in finding out the patterns or trends of the vulnerabilities or flaws affecting a specific classification of software, and helps predict and manage the IS security when a similar software is utilized within the IT infrastructure of an organization. Additionally, numerous vulnerabilities in software are added to NVD every year, which undoubtedly helps controlling the known predicaments. However, network and application security personnel use NVD to also predict the undiscovered problems based on its extensive list of known issues, and prepare mitigation plans for the future consequences (Zhang, Caragea, & Ou, 2011). Moreover, the common categories of vulnerabilities that NVD has been proved successful in tackling are: cross-site scripting, SQL injection, cross-channel scripting, session management, cross-site request forgery, information disclosure, server and cryptographic configuration, and detection of malware (Brooks, Adger, & Kelly,

More about National Vulnerability Database Paper