Which vulnerability database is kics using? #7007
-
Which vulnerability does KICS use? Is it like NIST NVD vulnerability database or something like this? |
Beta Was this translation helpful? Give feedback.
Answered by
gabriel-cx
May 13, 2024
Replies: 1 comment
-
Hi @Zebrawo , Thanks for your inputs! Since our queries are present inside KICS itself, there is no delay "fetching" vulnerabilities information. Hope this information clarifies your doubts. |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
gabriel-cx
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi @Zebrawo ,
Thanks for your inputs!
KICS does not use any particular external vulnerability DB. Our 'vulnerabilities' information are provided by our internal AppSec team, and here you can check all of our queries that detect all those vulnerabilities.
Since our queries are present inside KICS itself, there is no delay "fetching" vulnerabilities information.
Hope this information clarifies your doubts.