Overview
Using the NIST NVD Transforms for Maltego, investigators are able to quickly discover context and insights around CVEs, CPEs and CWEs using the NIST National Vulnerability Database.
The National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U.S. Department of Commerce.
The National Vulnerability Database (NVD) is a product of the NIST Computer Security Division, Information Technology Laboratory. NVD is the U.S. government repository of standards-based vulnerability management data.
NVD data is represented using the Security Content Automation Protocol (SCAP) and enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.
The NVD performs analysis on CVEs that have been published to the CVE Dictionary. The NVD team analyzes CVEs by aggregating data points from the description, references supplied and any supplemental data that can be found publicly at the time. This analysis results in association impact metrics (Common Vulnerability Scoring System - CVSS), vulnerability types (Common Weakness Enumeration - CWE), and applicability statements (Common Platform Enumeration - CPE), as well as other pertinent metadata.
Investigators can leverage NIST NVD data for:
Risk and Vulnerability Assessment and Management
Assess an organization's possible exposure to threats, especially with the help of CPEs.
Risk Mitigation
Understand the cause of vulnerabilities and how to proactively detect and prevent them.
Evaluation of Cybersecurity Compliance
Monitor and remediate your organization's security protocols against NIST standards, consisting of security best practices controls, in a broad set of industries. Complying with NIST guidelines and recommendations will help ensure compliance with other regulations, such as HIPAA, FISMA, or SOX.
You can read more about the benefits of NIST NVD on our website here.
Be sure not to miss our blog post, Protect Your Organization with NIST NVD and Maltego, to find out exactly what kind of information can be discovered using the NIST NVD Transforms and what a typical investigation using this integration would entail.
Pricing & Access
NIST NVD is freely available to both Maltego Commercial and Maltego Community Hub users. The Hub item can be installed directly from the Maltego Data Hub.
NIST NVD Transforms
Get CVE details [NIST NVD]
Description
This Transform returns the CVE details from the National Vulnerability Database.
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | Get CVE details [NIST NVD] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | NIST NVD |
| Transform Name | maltego.nistnvd.cveToCveDetails |
| Short Description | This Transform returns the CVE details from the National Vulnerability Database |
| Input Entities | maltego.CVE |
| Output Entities | maltego.CVE |
To CPE [NIST NVD]
Description
This Transform returns the CPEs on which the input CVE was found.
Transform Settings
| Setting Name | Display Name | Setting Type | Default Value | Optional | Popup | Authentication |
|---|---|---|---|---|---|---|
| maltego.nistnvd.cveToCpe.addOns | Add Ons (Include Official CPE Names. Example, dictionaryCpes) | string | dictionaryCpes | True | True | False |
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | To CPE [NIST NVD] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | NIST NVD |
| Transform Name | maltego.nistnvd.cveToCpe |
| Short Description | This Transform returns the CPEs on which the input CVE was found |
| Input Entities | maltego.CVE |
| Output Entities | maltego.CPE |
To CWE [NIST NVD]
Description
The Transform returns the CWE for the input CVE.
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | To CWE [NIST NVD] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | NIST NVD |
| Transform Name | maltego.nistnvd.cveToCwe |
| Short Description | The Transform returns the CWE for the input CVE |
| Input Entities | maltego.CVE |
| Output Entities | maltego.CWE |
To CVSS [NIST NVD]
Description
The Transform returns the CVSS for the input CVE.
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | To CVSS [NIST NVD] |
| Owner | Maltego Technologies GmbH |
| Author | Maltego Technologies GmbH |
| Data Source | NIST NVD |
| Transform Name | maltego.nistnvd.cveToCvss |
| Short Description | The Transform returns the CVSS for the input CVE. |
| Input Entities | maltego.CVE |
| Output Entities | maltego.CVSS |
Search for CVEs [NIST NVD]
Description
This Transform searches National Vulnerability Database for CVEs.
Transform Settings
| Setting Name | Display Name | Setting Type | Default Value | Optional | Popup | Authentication |
|---|---|---|---|---|---|---|
| maltego.nistnvd.phraseToCve.addOns | Add Ons (Include Official CPE Names. Example, dictionaryCpes) | string | dictionaryCpes | True | True | False |
| maltego.nistnvd.phraseToCve.cpeMatchString | CPE Match String | string | None | True | True | False |
| maltego.nistnvd.phraseToCve.cvssV2Metrics | CVSS V2 Metrics | string | None | True | True | False |
| maltego.nistnvd.phraseToCve.cvssV2Severity | CVSS V2 Severity (LOW, MEDIUM, HIGH) | string | None | True | True | False |
| maltego.nistnvd.phraseToCve.cvssV3Metrics | CVSS V3 Metrics (Example, AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) | string | None | True | True | False |
| maltego.nistnvd.phraseToCve.cvssV3Severity | CVSS V3 Severity (LOW, MEDIUM, HIGH, CRITICAL) | string | None | True | True | False |
| maltego.nistnvd.phraseToCve.cweId | CWE ID | string | None | True | True | False |
| maltego.nistnvd.phraseToCve.includeMatchStringChange | Include Match String Change (Check if vulnerabilities or associated product names were modified) | boolean | None | True | True | False |
| maltego.nistnvd.phraseToCve.isExactMatch | Exact Match | boolean | None | True | True | False |
| maltego.nistnvd.phraseToCve.modRange | Modification Date Range (120 days max) | daterange | None | True | True | False |
| maltego.nistnvd.phraseToCve.pubRange | Publication Date Range (120 days max) | daterange | None | True | True | False |
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | Search for CVEs [NIST NVD] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | NIST NVD |
| Transform Name | maltego.nistnvd.phraseToCve |
| Short Description | This Transform searches National Vulnerability Database for CVEs |
| Input Entities | maltego.Phrase |
| Output Entities | maltego.CVE |
Search for CPEs [NIST NVD]
Description
This Transform searches National Vulnerability Database for CPEs.
Transform Settings
| Setting Name | Display Name | Setting Type | Default Value | Optional | Popup | Authentication |
|---|---|---|---|---|---|---|
| maltego.nistnvd.phraseToCpe.cpeMatchString | CPE Match String | string | None | True | True | False |
| maltego.nistnvd.phraseToCpe.includeDeprecated | Include Deprecated | boolean | None | True | True | False |
| maltego.nistnvd.phraseToCpe.modRange | Modification Date Range (120 days max) | daterange | None | True | True | False |
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | Search for CPEs [NIST NVD] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | NIST NVD |
| Transform Name | maltego.nistnvd.phraseToCpe |
| Short Description | This Transform searches National Vulnerability Database for CPEs |
| Input Entities | maltego.Phrase |
| Output Entities | maltego.CPE |
To CVE [NIST NVD]
Transform Settings
| Setting Name | Display Name | Setting Type | Default Value | Optional | Popup | Authentication |
|---|---|---|---|---|---|---|
| maltego.nistnvd.cweToCve.addOns | Add Ons (Include Official CPE Names. Example, dictionaryCpes) | string | dictionaryCpes | True | True | False |
| maltego.nistnvd.cweToCve.cpeMatchString | CPE Match String | string | None | True | True | False |
| maltego.nistnvd.cweToCve.cvssV2Metrics | CVSS V2 Metrics | string | None | True | True | False |
| maltego.nistnvd.cweToCve.cvssV2Severity | CVSS V2 Severity (LOW, MEDIUM, HIGH) | string | None | True | True | False |
| maltego.nistnvd.cweToCve.cvssV3Metrics | CVSS V3 Metrics (Example, AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) | string | None | True | True | False |
| maltego.nistnvd.cweToCve.cvssV3Severity | CVSS V3 Severity (LOW, MEDIUM, HIGH, CRITICAL) | string | None | True | True | False |
| maltego.nistnvd.cweToCve.includeMatchStringChange | Include Match String Change (Check if vulnerabilities or associated product names were modified) | boolean | None | True | True | False |
| maltego.nistnvd.cweToCve.isExactMatch | Exact Match | boolean | None | True | True | False |
| maltego.nistnvd.cweToCve.keyword | Keyword | string | None | True | True | False |
| maltego.nistnvd.cweToCve.modRange | Modification Date Range (120 days max) | daterange | None | True | True | False |
| maltego.nistnvd.cweToCve.pubRange | Publication Date Range (120 days max) | daterange | None | True | True | False |
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | To CVE [NIST NVD] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | NIST NVD |
| Output Entities | maltego.CVE |
Variants
| Transform Name | Short Description | Input Entities |
|---|---|---|
| maltego.nistnvd.cweToCve | This Transform returns the CVEs associated with the input CWE | maltego.CWE |
| maltego.nistnvd.cpeToCve | This Transform returns the CVEs associated with input CPE | maltego.CPE |
Get CPE details [NIST NVD]
Description
This Transform returns the CPE details from the CPE Dictionary.
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | Get CPE details [NIST NVD] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | NIST NVD |
| Transform Name | maltego.nistnvd.cpeToCpeDetails |
| Short Description | This Transform returns the CPE details from the CPE Dictionary |
| Input Entities | maltego.CPE |
| Output Entities | maltego.CPE |