Overview
Using the NIST NVD Transforms for Maltego, investagators are able to quickly discover context and insights around CVEs, CPEs and CWEs using the NIST National Vulnerability Database.
The National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U.S. Department of Commerce.
The National Vulnerability Database (NVD) is a product of the NIST Computer Security Division, Information Technology Laboratory. NVD is the U.S. government repository of standards-based vulnerability management data.
NVD data is represented using the Security Content Automation Protocol (SCAP) and enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.
The NVD performs analysis on CVEs that have been published to the CVE Dictionary. The NVD team analyzes CVEs by aggregating data points from the description, references supplied and any supplemental data that can be found publicly at the time. This analysis results in association impact metrics (Common Vulnerability Scoring System - CVSS), vulnerability types (Common Weakness Enumeration - CWE), and applicability statements (Common Platform Enumeration - CPE), as well as other pertinent metadata.
Investigators can leverage NIST NVD data for:
- Risk and Vulnerability Assessment and Management
- Assess an organization's possible exposure to threats, especially with the help of CPEs.
- Risk Mitigation
- Understand the cause of vulnerabilities and how to proactively detect and prevent them.
- Evaluation of Cybersecurity Compliance
- Monitor and remediate your organization's security protocols against NIST standards, consisting of security best practices controls, in a broad set of industries. Complying with NIST guidelines and recommendations will help ensure compliance with other regulations, such as HIPAA, FISMA, or SOX.
You can read more about the benefits of NIST NVD on our website here.
Be sure not to miss our blog post, Protect Your Organization with NIST NVD and Maltego, to find out exactly what kind of information can be discovered using the NIST NVD Transforms and what a typical investigation using this integration would entail.
Pricing & Access
NIST NVD is freely available to both Maltego Commercial and Maltego Community Hub users. The Hub item can be installed directly from the Maltego Transform Hub.
NIST NVD Transforms
Get CVE details [NIST NVD]
Description
This Transform returns the CVE details from the National Vulnerability Database
Transform Meta Info
Information | Value |
---|---|
Display Name | Get CVE details [NIST NVD] |
Owner | |
Author | Maltego Technologies |
Data Source | NIST NVD |
Transform Name | maltego.nistnvd.cveToCveDetails |
Input Entities | maltego.CVE |
Output Entities | maltego.CVE |
Short Description | This Transform returns the CVE details from the National Vulnerability Database |
To CPE [NIST NVD]
Description
This Transform returns the CPEs on which the input CVE was found
Transform Settings
Display Name | Setting Type | Default Value | Optional | Popup | Authentication |
---|---|---|---|---|---|
Add Ons (Include Official CPE Names. Example, dictionaryCpes) | string | dictionaryCpes | true | false | false |
Transform Meta Info
Information | Value |
---|---|
Display Name | To CPE [NIST NVD] |
Owner | |
Author | Maltego Technologies |
Data Source | NIST NVD |
Transform Name | maltego.nistnvd.cveToCpe |
Input Entities | maltego.CVE |
Output Entities | maltego.CPE |
Short Description | This Transform returns the CPEs on which the input CVE was found |
To CWE [NIST NVD]
Description
The Transform returns the CWE for the input CVE
Transform Meta Info
Information | Value |
---|---|
Display Name | To CWE [NIST NVD] |
Owner | |
Author | Maltego Technologies |
Data Source | NIST NVD |
Transform Name | maltego.nistnvd.cveToCwe |
Input Entities | maltego.CVE |
Output Entities | maltego.CWE |
Short Description | The Transform returns the CWE for the input CVE |
Search for CVEs [NIST NVD]
Description
This Transform searches National Vulnerability Database for CVEs
Transform Settings
Display Name | Setting Type | Default Value | Optional | Popup | Authentication |
---|---|---|---|---|---|
Add Ons (Include Official CPE Names. Example, dictionaryCpes) | string | dictionaryCpes | true | false | false |
CPE Match String | string | true | true | false | |
CVSS V2 Metrics | string | true | true | false | |
CVSS V2 Severity (LOW, MEDIUM, HIGH) | string | true | true | false | |
CVSS V3 Metrics (Example, AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) | string | true | true | false | |
CVSS V3 Severity (LOW, MEDIUM, HIGH, CRITICAL) | string | true | true | false | |
CWE ID | string | true | true | false | |
Exact Match | boolean | true | true | false | |
Include Match String Change (Check if vulnerabilities or associated product names were modified) | boolean | true | true | false | |
Modification Date Range (120 days max) | daterange | true | true | false | |
Publication Date Range (120 days max) | daterange | true | true | false |
Transform Meta Info
Information | Value |
---|---|
Display Name | Search for CVEs [NIST NVD] |
Owner | |
Author | Maltego Technologies |
Data Source | NIST NVD |
Transform Name | maltego.nistnvd.phraseToCve |
Input Entities | maltego.Phrase |
Output Entities | maltego.CVE |
Short Description | This Transform searches National Vulnerability Database for CVEs |
Search for CPEs [NIST NVD]
Description
This Transform searches National Vulnerability Database for CPEs
Transform Settings
Display Name | Setting Type | Default Value | Optional | Popup | Authentication |
---|---|---|---|---|---|
CPE Match String | string | true | true | false | |
Include Deprecated | boolean | true | true | false | |
Modification Date Range (120 days max) | daterange | true | true | false |
Transform Meta Info
Information | Value |
---|---|
Display Name | Search for CPEs [NIST NVD] |
Owner | |
Author | Maltego Technologies |
Data Source | NIST NVD |
Transform Name | maltego.nistnvd.phraseToCpe |
Input Entities | maltego.Phrase |
Output Entities | maltego.CPE |
Short Description | This Transform searches National Vulnerability Database for CPEs |
To CVE [NIST NVD]
Transform Settings
Display Name | Setting Type | Default Value | Optional | Popup | Authentication |
---|---|---|---|---|---|
Add Ons (Include Official CPE Names. Example, dictionaryCpes) | string | dictionaryCpes | true | false | false |
CPE Match String | string | true | true | false | |
CVSS V2 Metrics | string | true | true | false | |
CVSS V2 Severity (LOW, MEDIUM, HIGH) | string | true | true | false | |
CVSS V3 Metrics (Example, AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) | string | true | true | false | |
CVSS V3 Severity (LOW, MEDIUM, HIGH, CRITICAL) | string | true | true | false | |
Exact Match | boolean | true | true | false | |
Include Match String Change (Check if vulnerabilities or associated product names were modified) | boolean | true | true | false | |
Keyword | string | true | true | false | |
Modification Date Range (120 days max) | daterange | true | true | false | |
Publication Date Range (120 days max) | daterange | true | true | false |
Transform Meta Info
Information | Value |
---|---|
Display Name | To CVE [NIST NVD] |
Owner | |
Author | Maltego Technologies |
Data Source | NIST NVD |
Output Entities | maltego.CVE |
Variants
Transform Name | Input Entities | Short Description |
---|---|---|
maltego.nistnvd.cweToCve | maltego.CWE | This Transform returns the CVEs associated with the input CWE |
maltego.nistnvd.cpeToCve | maltego.CPE | This Transform returns the CVEs associated with input CPE |
Get CPE details [NIST NVD]
Description
This Transform returns the CPE details from the CPE Dictionary
Transform Meta Info
Information | Value |
---|---|
Display Name | Get CPE details [NIST NVD] |
Owner | |
Author | Maltego Technologies |
Data Source | NIST NVD |
Transform Name | maltego.nistnvd.cpeToCpeDetails |
Input Entities | maltego.CPE |
Output Entities | maltego.CPE |
Short Description | This Transform returns the CPE details from the CPE Dictionary |