Which vulnerability database is kics using? #7007

Zebrawo · 2024-04-17T09:10:08Z

Zebrawo
Apr 17, 2024

Which vulnerability does KICS use? Is it like NIST NVD vulnerability database or something like this?
And is kics fetching the data from the database realtime? or are there any time delay?

Answered by gabriel-cx

May 13, 2024

Hi @Zebrawo ,

Thanks for your inputs!
KICS does not use any particular external vulnerability DB. Our 'vulnerabilities' information are provided by our internal AppSec team, and here you can check all of our queries that detect all those vulnerabilities.

Since our queries are present inside KICS itself, there is no delay "fetching" vulnerabilities information.

Hope this information clarifies your doubts.

View full answer

gabriel-cx · 2024-05-13T08:24:52Z

gabriel-cx
May 13, 2024

Hi @Zebrawo ,

Thanks for your inputs!
KICS does not use any particular external vulnerability DB. Our 'vulnerabilities' information are provided by our internal AppSec team, and here you can check all of our queries that detect all those vulnerabilities.

Since our queries are present inside KICS itself, there is no delay "fetching" vulnerabilities information.

Hope this information clarifies your doubts.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Which vulnerability database is kics using? #7007

{{title}}

Replies: 1 comment

{{title}}

Select a reply

Which vulnerability database is kics using? #7007

Zebrawo Apr 17, 2024

Replies: 1 comment

gabriel-cx May 13, 2024

Zebrawo
Apr 17, 2024

gabriel-cx
May 13, 2024