This project is dedicated to analyzing and visualizing Common Vulnerabilities and Exposures (CVE) data ๐ก๏ธ. It focuses on identifying CVEs by their publication date, and whether they're missing Common Platform Enumerations (CPEs) or references.
- Data Extraction: Automatically downloads CVE data from the NVD feeds.
- Data Processing: Parses the JSON data to identify CVEs with/without CPEs and references.
- Visualization: Generates daily and weekly heatmap visualizations to provide insights at a glance.
- Reporting: Creates a detailed analysis report of CVE trends over time.
The generated heatmaps include:
- Total CVEs Per Day: Shows the total count of new CVEs reported each day.
- CVEs Without References: Indicates the number of CVEs lacking references on a daily basis.
- CVEs Without CPEs: Highlights the daily CVEs that are missing CPEs.
- Median and Mean EPSS scores: Monitor EPSS for changes overtime.
- EPSS for CISA KEV added after 2023: Keeping track of EPSS on CISA KEV
- CVSS for CISA KEV added after 2023: Keeping track of EPSS on CISA KEV
To generate the heatmaps:
python generate_cve_heatmap.py