ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Kvasir Security Management

    Scheduled Pinned Locked Moved IT Discussion
    8 Posts 4 Posters 756 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • IRJI
      IRJ
      last edited by

      This looks like a cool open source tool that is meant for tracking security vulnerabilities among customers. Since there quite a few MSPs on here, I figure somebody may already be using it.

      Is anyone using it?

      https://blogs.cisco.com/security/introducing-kvasir

      https://github.com/KvasirSecurity/Kvasir

      1 Reply Last reply Reply Quote 1
      • scottalanmillerS
        scottalanmiller
        last edited by

        Don't know it, but will look into it.

        1 Reply Last reply Reply Quote 0
        • Reid CooperR
          Reid Cooper
          last edited by

          Interesting. Have you had a chance to play with it yet? @IRJ

          IRJI 1 Reply Last reply Reply Quote 0
          • IRJI
            IRJ @Reid Cooper
            last edited by

            @Reid-Cooper said in Kvasir Security Management:

            Interesting. Have you had a chance to play with it yet? @IRJ

            I am thinking I might spin up a VM and try it.

            1 Reply Last reply Reply Quote 0
            • IRJI
              IRJ
              last edited by

              I set it up. I ran into some issues as the installation instructions weren't the best, but it is up and running.

              Now I am trying to automatically connect my vulnerability scanners.

              1 Reply Last reply Reply Quote 1
              • dafyreD
                dafyre
                last edited by

                I'd be interested in hearing if it works with things like OpenVAS and such. The site & github lists a lot of commercial offerings like Nessus and Metasploit pro.

                IRJI 1 Reply Last reply Reply Quote 0
                • IRJI
                  IRJ @dafyre
                  last edited by

                  @dafyre said in Kvasir Security Management:

                  I'd be interested in hearing if it works with things like OpenVAS and such. The site & github lists a lot of commercial offerings like Nessus and Metasploit pro.

                  No OpenVas support as of now, but I hear that and Qualys are coming down the pipe.

                  1 Reply Last reply Reply Quote 1
                  • IRJI
                    IRJ
                    last edited by

                    Ok, I got scan information imported into Kvasir. It is a cool tool, but will not serve my purposes of vulnerability tracking.

                    Kvasir is really just a way to share scan with a customer instead of giving them 30k page PDFs. So for that purpose the tool is really useful. The customer you are sharing the data with can take notes on each vulnerability, see solutions, see affected IPs, etc.

                    It also organizes vulnerabilities by categories, hosts, and provides various statistics. You can also perform metasploit attacks straight from Kvasir.

                    1 Reply Last reply Reply Quote 2
                    • 1 / 1
                    • First post
                      Last post