VulnWhisperer – Create Actionable Data From Your Vulnerability Scans
VulnWhisperer – Create Actionable
is a vulnerability management tool and report aggregator. VulnWhisperer will pull all the reports from the different Vulnerability scanners and create a file with a unique filename for each one, using that data later to sync with Jira and feed Logstash. Jira does a closed cycle full Sync with the data provided by the Scanners, while Logstash indexes and tags all of the information inside the report (see logstash files at /resources/elk6/pipeline/). Data is then shipped to ElasticSearch to be indexed and ends up in a visual and searchable format in Kibana with already defined dashboards.
- Python 2.7
- Vulnerability Scanner
- Reporting System: Jira / ElasticStack 6.6
Our current Roadmap is as follows:
- Create a Vulnerability Standard
- Map every scanner results to the standard
- Create Scanner module guidelines for easy integration of new scanners (consistency will allow #14)
- Refactor the code to reuse functions and also enable full compatibility among modules
- Change Nessus CSV to JSON (Consistency and Fix #82)
- Adapt single Logstash to standard and Kibana Dashboards
- Implement Detectify Scanner
- Implement Splunk Reporting/Dashboards
On top of this, we try to focus on fixing bugs as soon as possible, which might delay the development. We also very welcome PR’s, and once we have the new standard implemented, it will be very easy to add compatibility with new scanners.
The Vulnerability Standard will initially be a new simple one level JSON with all the information that matches from the different scanners having standardized variable names, while maintaining the rest of the variables as they are. In the future, once everything is implemented, we will evaluate moving to an existing standard like ECS or AWS Vulnerability Schema; we also prioritize functionality over perfection.