A Python library that downloads and manages CVE and CPE data from the NIST NVD into a PostgreSQL database for vulnerability management.
Python library for CVE and CPE Information
This tool is used by security professionals and developers to automate the retrieval and storage of CVE and CPE data from the NIST National Vulnerability Database, enabling efficient vulnerability scanning and management. It is especially useful for integrating up-to-date vulnerability information into security automation workflows and DevSecOps pipelines.
The tool requires a PostgreSQL database to function properly and supports configuration via environment variables or CLI arguments. Using a NIST API key is recommended to avoid rate limiting during data downloads. Initial data download can take several hours depending on network and NIST server availability. Installation via pip may not work on some newer Linux distributions due to PEP 668; pipx installation is preferred.
Ensure Python 3.11 or later is installed
Install greenbone-scap using pipx: python3 -m pipx install greenbone-scap
Alternatively, install via pip (note: may not work on newer distros due to PEP 668): python3 -m pip install --user greenbone-scap
Set up a PostgreSQL database accessible to the tool
Optionally use Docker Compose for quick setup: cd docker
Create .env file with DATABASE_PASSWORD and optionally NVD_API_KEY
Run docker compose up to start the services
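An added example for the .env step above, not code from the greenbone-scap project: a shell function that writes the .env file with owner-only permissions and a randomly generated DATABASE_PASSWORD, adding NVD_API_KEY only when it is set in the environment. The function name write_scap_env and the 48-character hex password format are assumptions.

```shell
#!/bin/sh
# Added example (hypothetical helper, not part of greenbone-scap).
# Usage: write_scap_env DIR   -> creates DIR/.env for docker compose.
write_scap_env() {
    dir=${1:-.}
    env_file="$dir/.env"

    # Refuse to overwrite: a new password would no longer match the one
    # stored in an already-initialised database volume.
    if [ -e "$env_file" ]; then
        echo "refusing to overwrite $env_file" >&2
        return 1
    fi

    # 24 random bytes as 48 hex characters; hex needs no quoting in .env.
    password=$(od -An -tx1 -N24 /dev/urandom | tr -d ' \t\n')
    if [ "${#password}" -ne 48 ]; then
        echo "password generation failed" >&2
        return 1
    fi

    # Set umask in a subshell so the file is created 0600 (never briefly
    # world-readable) and the caller's umask stays unchanged.
    (
        umask 077
        {
            printf 'DATABASE_PASSWORD=%s\n' "$password"
            if [ -n "${NVD_API_KEY:-}" ]; then
                printf 'NVD_API_KEY=%s\n' "$NVD_API_KEY"
            fi
        } > "$env_file"
    ) || return 1

    # Do not leave the secret in a shell variable after the file is written.
    unset password
    return 0
}
```

Run it as write_scap_env docker from the repository root before docker compose up, and keep .env out of version control.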
greenbone-cve-download: Downloads all CVE information from NIST NVD into the PostgreSQL database
greenbone-cpe-download: Downloads all CPE information from NIST NVD into the PostgreSQL database
greenbone-cpe-find: Searches for specific CPE entries in the PostgreSQL database
docker compose up: Starts the Docker containers and downloads all CVE and CPE data
docker compose up cpe: Downloads only CPE data via Docker
docker compose up cve: Downloads only CVE data via Docker
docker volume rm greenbone-scap_data: Deletes the data volume to re-download and re-update all CVE and CPE information
docker compose down -v: Stops all containers and removes volumes to restart from scratch