This site uses cookies for managing your session and website analytics purposes. Allow Cookies

VulnIQ

Vendor Feeds

CVRF

Many IT vendors publish data feeds for issues related to their own products. Major vendors including Oracle, Red Hat, Suse, Cisco and Microsoft provide feeds in ICASI Common Vulnerability Reporting Framework (CVRF) format which is an XML based language developed for describing vulnerabilities.

VulnIQ Solution

VulnIQ supports processing CVRF documents, including vendor specific differences in documents between vendors and CVRF versions. VulnIQ includes automated processors for each major vendor that provides CVRF feeds. We monitor changes in vendor urls and file formats and release necessary software and/or documentation updates as necessary.

Please note that the availability of vendor feeds are subject to changes by vendors. For example if a vendor stops providing feeds then we may not be able to replace it with an alternative. Additionally vendor feeds are usually subject to copyrights and other limitations. When using the SaaS version, you may not be able to view entire details of issues due to those restrictions. These limitations are typically not in place when running your own private instances.

On the longer term our support for vendor feeds will not be limited to the CVRF format. We will continue to add new formats and vendors.