Find vulnerabilities#
Periodic searching for new vulnerabilities for your used software and hardware is crucial.
You SHOULD check vulnerabilities:
Regularly.
When system is updated with new functionality.
When significant security events in commonly used libraries are discovered. This to check if you are more vulnerable to.
When infrastructure changes. E.g. new hardware or networking components.
When evaluating new software.
When a new CVE is out you are vulnerable. It does not matter if exploit code is already published on the Internet or not. Assume that Criminals are misusing the CVEs already.
A simple way to search for vulnerabilities is using Search option that the US National Vulnerability Database (NVD) offers. The NVD is a product of the NIST (National Institute of Standards and Technology).
Simple Vulnerabilities Search
Keep it simple: Use the direct search option of the NVD database.