Welcome to the vuln-data-science repository! This project focuses on applying data science techniques to vulnerability management and analysis. Our goal is to explore, analyze, and share insights on vulnerabilities using data science methodologies.
- Introduction
- Motivation
- Features
- Getting Started
- Usage
- Project Structure
- Notebooks and Markdown
- Contributing
- License
- Contact
- Future Work
- Acknowledgments
In the modern cybersecurity landscape, vulnerability management is crucial. By leveraging data science, we can gain deeper insights into vulnerabilities, predict trends, and enhance our overall security posture. This repository contains data, Jupyter notebooks, and analysis scripts aimed at advancing our understanding of vulnerabilities across various domains, including software and network vulnerabilities. We utilize data from trusted sources such as:
- CISA Known Exploited Vulnerabilities (KEV)
- Exploit Prediction Scoring System (EPSS)
- Microsoft Security Update Guide
- NIST National Vulnerability Database (NVD)
Effective vulnerability management is essential for maintaining a strong security posture. This project demonstrates how data science can be used to identify patterns, predict vulnerabilities, and provide actionable insights to security professionals.
- Data Collection: Automated scripts for collecting vulnerability data from various sources.
- Data Cleaning: Techniques to preprocess and clean the data for analysis.
- Exploratory Data Analysis: Visualizations and insights into vulnerability trends.
- Predictive Analysis: Models to predict future vulnerabilities and their potential impact.
- Tools & Libraries: Utilization of tools like Pandas, Matplotlib, Seaborn, and Scikit-learn for data processing and analysis.
Before you begin, ensure you have the following software installed:
- Python 3.11 or higher
-
Clone the repository:
git clone https://github.com/typeerror/vuln-data-science.git
-
Navigate to the project directory:
cd vuln-data-science -
Create a virtual environment:
python -m venv .venv
-
Activate the virtual environment:
- On Windows:
venv\Scripts\activate
- On macOS and Linux:
source .venv/bin/activate
- On Windows:
-
Install the required dependencies:
pip install .Alternatively, if you use Hatch, you can set up the environment with:
hatch env create hatch shell
To start exploring the data and running the analyses, open the Jupyter notebooks in the notebooks directory. Each
notebook focuses on a different aspect of the data pipeline.
You can launch Jupyter Notebook with the following command:
jupyter notebookNavigate to the notebooks directory and open any notebook to get started.
vuln-data-science/
├── data/
├── notebooks/
├── scripts/
│ ├── nb_to_md.py
├── README.md
└── LICENSE
We welcome contributions! If you have ideas or find issues, please open a GitHub issue or submit a pull request.
This project is licensed under the MIT License. See the LICENSE file for details.
For questions or suggestions, reach out via GitHub issues, email at [email protected], or connect with Caleb on LinkedIn.
We plan to expand the project with the following features:
- Additional Data Sources: Integration with more vulnerability databases and threat intelligence feeds.
- Advanced Analytics: Machine learning models for predicting vulnerability exploitation likelihood.
- Visualization Dashboards: Interactive dashboards for visualizing trends and insights.
This project uses data from various publicly available sources. Please ensure compliance with their respective usage agreements and attribution requirements if you use or redistribute the data.
- Website: NVD Developers - Terms of Use
- Attribution Requirement:
- Services utilizing the NVD API must display the following notice prominently:
"This product uses the NVD API but is not endorsed or certified by the NVD."
- The NVD name may only be used to identify the source of API content and may not imply endorsement of any product or service.
- Services utilizing the NVD API must display the following notice prominently:
- Website: CISA KEV License
- License:
- The KEV database is distributed under the Creative Commons 0 1.0 License.
- You may use this data in any legal manner, but note:
- Information provided at any 3rd-party links included in the KEV database is bound by the policies and licenses of those third-party websites.
- Use of the information does not authorize you to use the CISA Logo or DHS Seal, nor should such use be interpreted as an endorsement by CISA or DHS.
- Website: EPSS - FIRST.org
- Usage Agreement:
- EPSS scores are freely available for public use.
- Attribution Requirement:
"See EPSS at https://www.first.org/epss"
or
"Jay Jacobs, Sasha Romanosky, Benjamin Edwards, Michael Roytman, Idris Adjerid, (2021), Exploit Prediction Scoring System, Digital Threats Research and Practice, 2(3)."
We would like to acknowledge the work of researchers and contributors who are advancing the field of vulnerability data science. Their insights and tools have been instrumental in shaping this project. This project also draws inspiration from the broader cybersecurity and data science communities, whose collective efforts improve security practices and promote knowledge sharing.
-
Jay Jacobs
Co-founder of the Cyentia Institute, focusing on security metrics and data-driven decision-making in vulnerability management and risk assessment. -
Jerry Gamblin / GitHub
Security researcher and advocate, contributing to vulnerability analysis, remediation strategies, and the development of security tools. -
Patrick Garrity
Acclaimed security researcher with deep expertise in vulnerabilities, exploitation, and threat actor analysis, focused on transforming complex vulnerability data into clear, actionable visualizations. -
Wade Baker
Co-founder of the Cyentia Institute and co-creator of the Verizon Data Breach Investigations Report (DBIR), specializing in security data analytics and risk management.
We also want to thank the broader cybersecurity and data science communities for their contributions. This project draws inspiration from collective efforts to improve security practices and promote knowledge sharing.