vDNA Crosslinks

vDNA Crosslinks allows you to gather +80.000 security alerts data from Security-Database and export it as JSON. Export provide related alert information. By that we mean, all alerts linked to the first one at specified depth. We limit the depth from 0 (single) to 4, but on demand, we can override this value.
For each node, we provide the Alert Name (id), severity, vendor, published date, and the number of links.

On this exemple, we use D3.js library and grapher.js to manipulate and represent links bewteen alerts and severity propagation. Hope you'll like it.

Security-Database provides this information for free for anybody who want to play with, make graphs, stats, publish or anything else. Hope you'll enjoy playing with it and perhaps, let you have some idea ;)

vDNA Crosslinks Demo for : MS10-039 at depth : 3

PS: You can click on each node to go to an alert

Layout

Force Severity Vendors

Severity Filter

Critical High Medium Low N/A

Vendor Filter

CVE Microsoft Mandriva Redhat Debian Ubuntu Gentoo Cisco US-CERT VU-CERT HP Sun VMware

The endpoint

The endpoint is hosted by Security-Database. Datas are generated daily, queries and results cached for a maximum performance.

http://crosslinks.security-database.com/crosslinks.php?alert=[alert]&depth=[depth]

This endpoint verify that the Alert name entered is conform (ie : CVE-2012-2010 or MS10-021) and verify that the depth is between 0 and 4 (integer only). Depth 0 will be selected alert only.

Output Sample

Success : Json ouput exemple

    {
        "success" : true,
        "message" :
            {
            "nodes" : [ {
                "severity" : "Medium",
                "id" : "KB983438",
                "vendor" : "Microsoft",
                "published" : "2010-05-12",
                "type" : "Alerts",
                "links" : 2
            },{(...)}],
            "links" : [ {
                "source" : "MS11-044",
                "target" : "MS12-034"
            },{(...)}]
            }
    }

Datas (Nodes)

severity : Source alert severity (Critical, High, Medium, Low or NA)
id : Alert Name (SD naming scheme)
vendor : Source vendor (Microsoft, cve, HP...)
published : Source published date (YYYY-MM-DD)
type : Actually Alerts, perhaps some other later
links : Numbers of links from this alert (integer)

Datas (Links)

source : id From
target : id To

Error : Json ouput Exemple

    {
        "success" : false,
        "message" : [
            {
                "error" : "depth : No specified Depth, must be between 0 and 4"
            }
        ]
    }

Errors

Exemple : Depth, must be between 0 and 4 (0 is selected alert only)

Exemples

Some interesting exemples of alerts severity propagation at depth 4 (click on pictures)

DSA-2780

MS13-087

VMSA-2013-0006

HPSBUX02889 SSRT101252

MS10-039

GitHub

Our work is now on GitHub, Fork us ! https://github.com/security-database/vdna-crosslinks

License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

You are free to:

Share — copy and redistribute the material in any medium or format
Adapt — remix, transform, and build upon the material

for any purpose, even commercially.

Under the following terms:

Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.

What does "Attribute this work" mean?

The page you came from contained embedded licensing metadata, including how the creator wishes to be attributed for re-use. You can use the HTML here to cite the work. Doing so will also include metadata on your page so that others can find the original work as well.
ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.

Comments

Comments, share your work, post pictures