-1

I'm looking for an application where I can manually enter my chosen software - no automatic software inventory - and this software is automatically scanned for known vulnerabilities (from public sources) as soon as I open the program. At best it gives me a reference to the description of the vulnerability right away. So it is a relatively slim program in terms of functionality.

Does anyone know of such an application and can they recommend it? Is there a comparison of different applications that makes it easier for me to choose the right one?

The background is that I am responsible for the security of software sold to customers. This is a web application that runs on an industrial PC. I would like to make an inventory of all services that actively run on the system and check them regularly for vulnerabilities. The software on the industrial PC is usually very rarely updated at the customers. However, I would like to inform the customer if any vulnerabilities occur.

Best regards Matthias

Matthias
  • 1

1 Answers1

0

I'm looking for something similar for another use case. I'm not yet done evaluating something but I'll give a try for this: https://snipeitapp.com/demo

Let me know what you'll find out. I'm happy to share my experiences when I'm done with testing. But this will take a while as I'm quite busy right now.

Update 1: GitHub Link https://github.com/snipe/snipe-it

Update 2: I opened a request for the CVE part of your question https://github.com/snipe/snipe-it/issues/8728

J J
  • 398
  • 1
  • 2
  • 13