I have a CVE console dashboard that was published on the IBM X-Force AppExchange yesterday.
Please check in out - but sorry you have to log in to download.
I created it because the QRadar integration we have is popular for managing vulnerabilities/patches via CVEs. However, QRadar is obviously needed, so this dashboard attempts to provide similar info from within BigFix without the need for QRadar.
Link to the CVE Dashboar on IBM X-Force AppExchange.
In general this is how it works.
- There is a command line utility that is scheduled via a Fixlet. You can also run it manually.
- The utility downloads any CVEs from the National Vulnerability Database (NVD) if there are corresponding Fixlets.
- The Console Dashboard is then used to browse and search the data.