VulnWhisperer – Create Actions from Vulnerability Data

VulnWhisperer is a vulnerability management tool and report aggregator. VulnWhisperer will pull all the reports from the different Vulnerability scanners and create a file with a unique filename for each one, using that data later to sync with Jira and feed Logstash.

VulnWhisperer - Create Actionable Data from Vulnerability Scans
VulnWhisperer – Create Actionable Data from Vulnerability Scans

Jira does a closed cycle full Sync with the data provided by the Scanners, while Logstash indexes and tags all of the information inside the report. Data is then shipped to ElasticSearch to be indexed, and ends up in a visual and searchable format in Kibana with already defined dashboards.

Currently the tool support Nessus (v6/v7/v8), Qualys WAS , OpenVAS (v7/v8/v9) Tenable.io and Qualys Vulnerability Management and allow to make the following:

  • Create new tickets with new vulnerabilities
  • Update existing tickets’ assets
  • Comment each asset change on the ticket
  • Allow tracking of “risk_accepted” assets
  • Group all assets by team/jira project
  • Close tickets that have been solved
  • Reopen closed tickets still unresolved
  • Close obsolete tickets to get rid of old system’s duplicates

The module ignores tickets that have been closed that contain the labels either risk_accepted or server_decomission. This is so that teams can close tickets if they are not going to fix it and stop being bothered, but also allow the tracking of those issue for doing Risk Assessment.

Version 1.8 include the following update:

  • Completion of Jira Closed Cycle Sync Use Cases and general improvements.
  • Fix of all reported VulnWhisperer bugs.
  • Deleted VulnWhisperer’s qualysapi fork dependency and merged code with the original library
  • Implementation of project testing and coverage, including mocking API calls from the modules.
  • Implemented docker-compose testing.
  • Updated Travis to check on each commit against all implemented tests.
  • Moved completely to ELK6 and fixed Issues with ElasticSearch and Kibana (ELK5 now deprecated).
  • Fix of Qualys WAS module
  • Improvement of Nessus download handling
  • Unused code cleanup
  • Added file logging and improved logging format
  • Reorg of the project resources structure
  • Updated documentation both in Readme and Wiki page.

You can read more and download this tool over here: https://github.com/HASecuritySolutions/VulnWhisperer

Share