NIST NVD

Modified on: Wed, 18 Aug, 2021 at 2:32 PM

Overview

Using the NIST NVD Transforms for Maltego, investagators are able to quickly discover context and insights around CVEs, CPEs and CWEs using the NIST National Vulnerability Database.


The National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U.S. Department of Commerce.


The National Vulnerability Database (NVD) is a product of the NIST Computer Security Division, Information Technology Laboratory. NVD is the U.S. government repository of standards-based vulnerability management data.


NVD data is represented using the Security Content Automation Protocol (SCAP) and enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.


The NVD performs analysis on CVEs that have been published to the CVE Dictionary. The NVD team analyzes CVEs by aggregating data points from the description, references supplied and any supplemental data that can be found publicly at the time. This analysis results in association impact metrics (Common Vulnerability Scoring System - CVSS), vulnerability types (Common Weakness Enumeration - CWE), and applicability statements (Common Platform Enumeration - CPE), as well as other pertinent metadata.


Investigators can leverage NIST NVD data for:

  • Risk and Vulnerability Assessment and Management
    • Assess an organization's possible exposure to threats, especially with the help of CPEs.
  • Risk Mitigation
    • Understand the cause of vulnerabilities and how to proactively detect and prevent them.
  • Evaluation of Cybersecurity Compliance
    • Monitor and remediate your organization's security protocols against NIST standards, consisting of security best practices controls, in a broad set of industries. Complying with NIST guidelines and recommendations will help ensure compliance with other regulations, such as HIPAA, FISMA, or SOX.

You can read more about the benefits of NIST NVD on our website here.


Be sure not to miss our blog post, Protect Your Organization with NIST NVD and Maltego, to find out exactly what kind of information can be discovered using the NIST NVD Transforms and what a typical investigation using this integration would entail.


Pricing & Access

NIST NVD is freely available to both Maltego Commercial and Maltego Community Hub users. The Hub item can be installed directly from the Maltego Transform Hub.



NIST NVD Transforms

Get CVE details [NIST NVD]

Description

This Transform returns the CVE details from the National Vulnerability Database.


Transform Meta Info

Information Value
Display Name Get CVE details [NIST NVD]
Owner  
Author Maltego Technologies
Data Source NIST NVD
Transform Name maltego.nistnvd.cveToCveDetails
Input Entities maltego.CVE
Output Entities maltego.CVE
Short Description This Transform returns the CVE details from the National Vulnerability Database

To CPE [NIST NVD]

Description

This Transform returns the CPEs on which the input CVE was found.


Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Add Ons (Include Official CPE Names. Example, dictionaryCpes) string dictionaryCpes true false false

Transform Meta Info

Information Value
Display Name To CPE [NIST NVD]
Owner  
Author Maltego Technologies
Data Source NIST NVD
Transform Name maltego.nistnvd.cveToCpe
Input Entities maltego.CVE
Output Entities maltego.CPE
Short Description This Transform returns the CPEs on which the input CVE was found

To CWE [NIST NVD]

Description

The Transform returns the CWE for the input CVE.


Transform Meta Info

Information Value
Display Name To CWE [NIST NVD]
Owner  
Author Maltego Technologies
Data Source NIST NVD
Transform Name maltego.nistnvd.cveToCwe
Input Entities maltego.CVE
Output Entities maltego.CWE
Short Description The Transform returns the CWE for the input CVE

Search for CVEs [NIST NVD]

Description

This Transform searches National Vulnerability Database for CVEs.


Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Add Ons (Include Official CPE Names. Example, dictionaryCpes) string dictionaryCpes true false false
CPE Match String string   true true false
CVSS V2 Metrics string   true true false
CVSS V2 Severity (LOW, MEDIUM, HIGH) string   true true false
CVSS V3 Metrics (Example, AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) string   true true false
CVSS V3 Severity (LOW, MEDIUM, HIGH, CRITICAL) string   true true false
CWE ID string   true true false
Exact Match boolean   true true false
Include Match String Change (Check if vulnerabilities or associated product names were modified) boolean   true true false
Modification Date Range daterange   true true false
Publication Date Range daterange   true true false

Transform Meta Info

Information Value
Display Name Search for CVEs [NIST NVD]
Owner  
Author Maltego Technologies
Data Source NIST NVD
Transform Name maltego.nistnvd.phraseToCve
Input Entities maltego.Phrase
Output Entities maltego.CVE
Short Description This Transform searches National Vulnerability Database for CVEs

Search for CPEs [NIST NVD]

Description

This Transform searches National Vulnerability Database for CPEs.


Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
CPE Match String string   true true false
Include Deprecated boolean   true true false
Modification Date Range daterange   true true false

Transform Meta Info

Information Value
Display Name Search for CPEs [NIST NVD]
Owner  
Author Maltego Technologies
Data Source NIST NVD
Transform Name maltego.nistnvd.phraseToCpe
Input Entities maltego.Phrase
Output Entities maltego.CPE
Short Description This Transform searches National Vulnerability Database for CPEs

To CVE [NIST NVD]

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Add Ons (Include Official CPE Names. Example, dictionaryCpes) string dictionaryCpes true false false
CPE Match String string   true true false
CVSS V2 Metrics string   true true false
CVSS V2 Severity (LOW, MEDIUM, HIGH) string   true true false
CVSS V3 Metrics (Example, AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) string   true true false
CVSS V3 Severity (LOW, MEDIUM, HIGH, CRITICAL) string   true true false
Exact Match boolean   true true false
Include Match String Change (Check if vulnerabilities or associated product names were modified) boolean   true true false
Keyword string   true true false
Modification Date Range daterange   true true false
Publication Date Range daterange   true true false

Transform Meta Info

Information Value
Display Name To CVE [NIST NVD]
Owner  
Author Maltego Technologies
Data Source NIST NVD
Output Entities maltego.CVE

Variants

Transform Name Input Entities Short Description
maltego.nistnvd.cweToCve maltego.CWE This Transform returns the CVEs associated with the input CWE
maltego.nistnvd.cpeToCve maltego.CPE This Transform returns the CVEs associated with input CPE

Get CPE details [NIST NVD]

Description

This Transform returns the CPE details from the CPE Dictionary.


Transform Meta Info

Information Value
Display Name Get CPE details [NIST NVD]
Owner  
Author Maltego Technologies
Data Source NIST NVD
Transform Name maltego.nistnvd.cpeToCpeDetails
Input Entities maltego.CPE
Output Entities maltego.CPE
Short Description This Transform returns the CPE details from the CPE Dictionary

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.