Filter your CVE reports



by Nicolas Crocfer

Filter your CVE reports

The main use of Saucs is to notify you when a CVE is updated. From now you can customize the filters that are run before creating your reports : this new feature allows you to receive alerts that really interest you. Another new feature is the notification frequency : you can choose to receive an email once a day or as soon as a CVE is updated.

Why ?

Saucs allows you to subscribe to dozens of vendors and products with no limit. When a CVE is updating, we create an alert containing its changes, then we aggregate all your alerts and we send you a new report.

But sometimes the NVD makes big changes in their database, and thousands of alerts are created in a few minutes. If you have subscribed to many vendors and products, your report can contain a lot of alerts and it becomes complicated to analyse it : some of them are important for you, others are not (for example a new reference added to a CVE may not interest you).

To avoid this, you can now choose the types of change you want to be notified. We currently provide the following filters :

  • the summary of a CVE has changed,
  • the CVSS score of a CVE has changed,
  • some of its CPE have been added, changed or removed,
  • some of its references have been added, changed or removed,
  • some of its CWE have been added or removed.

These filters are available in your profile.

Report frequency

The NVD updates its CVE database approximately every 2 hours, which means you can potentially receive an email every 2 hours.

Some of you are interested to be informed very quickly, but others just want to receive a report once a day. From now Saucs allows you to choose this behaviour in your profile.

And next ?

The previous filters are useful but it’s just a first step. We think some users may be interest in advanced filters : for example they want to be notified only if the CVSS score is higher than a customized value.

As usual, if you have some new ideas or feedbacks, do not hesitate to contact us through our twitter account.