You have been redirected from paterva.com. Maltego.com is the new home for all information regarding Maltego products. Read more about this in a message from the Paterva team and in this blog post and FAQ. close
home Transform Hub data categories - Cybersecurity

NIST NVD

By Maltego Technologies
Quickly discover context and insights around CVEs, CPEs, and CWEs for vulnerability and threat exposure assessment.
NIST NVD integration for Maltego
Cybersecurity Infrastructure CERT Compliance

NIST NVD Transforms for Maltego 

Founded in 1901, National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U.S. Department of Commerce.  The National Vulnerability Database (NVD) is a product of the NIST Computer Security Division, Information Technology Laboratory.  

NVD is the U.S. government repository of standards-based vulnerability management data. The data is represented using the Security Content Automation Protocol (SCAP) and enables automation of vulnerability management, security measurement, and compliance.  

The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics. 

The NVD performs analysis on CVEs that have been published to the CVE Dictionary. The NVD team analyzes CVEs by aggregating data points from the description, references supplied and any supplemental data that can be found publicly at the time. This analysis results in association impact metrics (Common Vulnerability Scoring System - CVSS), vulnerability types (Common Weakness Enumeration - CWE), and applicability statements (Common Platform Enumeration - CPE), as well as other pertinent metadata. The NVD does not actively perform vulnerability testing, relying on vendors, third party security researchers, and vulnerability coordinators to provide information that is then used to assign these attributes.   

NIST NVD’s integration with Maltego provides investigators access to the database and helps them to discover context and insights around CVEs, CPEs and CWEs, all directly within Maltego.  

NIST NVD use case in Maltego

  • Threat Intelligence Teams
  • Red Team /Pen Testers
  • Incident Response Teams
  • SOC Teams
  • CERTs
  • Compliance Teams
  • Cyber and Digital Forensics Teams

Integration Benefits

Leverage NIST NVD Data for

Risk and Vulnerability Assessment and Management
Assess your organization's possible exposure to threats, especially with the help of CPEs.
Risk Mitigation
Understand the cause of vulnerabilities and how to proactively detect and prevent them.
Evaluation of Cybersecurity Compliance
Monitor and remediate your organization's security protocols against NIST standards, consisting of security best practices controls, in a broad set of industries. Complying with NIST guidelines and recommendations will help ensure compliance with other regulations, such as HIPAA, FISMA, or SOX.

Pricing & Access

Community Hub
Users with Maltego Community Edition.
Free
Install Hub Item directly from Maltego Transform Hub.
Commercial Hub
Users with a Maltego One, Classic, or XL license.
Free
Install Hub Item directly from Maltego Transform Hub.

Contact


By clicking on "Send Message", you agree to the processing of the data you entered and you allow us to contact you for the purpose selected in the form. For further information, see our Data Privacy Policy.

About NIST NVD

The National Institute of Standards and Technology is a physical sciences laboratory and non-regulatory agency of the United States Department of Commerce. The National Vulnerability Database (NVD) is a product of the NIST Computer Security Division, Information Technology Laboratory.  

For more information, visit  https://nvd.nist.gov/