Is anyone using osquery to check software against CVEs for v

Question

Is anyone using osquery to check software against CVEs for vulnerabilities

spookerlabs · Answer

I think you will like this issue <https github com fleetdm fleet issues 405>

Mystery Incorporated · Answer

Thanks ah ok so it s not possible yet But fleetdm should do it in the future

seph · Answer

I ve done this as a PoC There s a lot to build

seph · Answer

osquery will give you a package application whatever and their reported version Matching those to CVEs requires some work I don t think I ve seen an OSS implementation

Mystery Incorporated · Answer

wazuh is an OSS implementation doing it but now I realise that you mean an OSS implementation using osquery

seph · Answer

That fleet issue has lots of good links to dive into

Liam · Answer

We use <https github com facebookincubator nvdtools|https github com facebookincubator nvdtools> internally to do this have a Query that returns in CPE format and then persist that into a Cassandra DB and our Data platform