The National Vulnerability Database (NVD) connector integrates with the Common Platform Enumeration (CPE), Common Weakness Enumeration (CWE), and Common Vulnerabilities and Exposures (CVE) data feeds. The NVD connector provides standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). Asset and vulnerability data from NVD is sent to RiskVision, and this data can be used for threat and vulnerability management.
The NVD connector connects to the NIST database and automatically pulls vulnerabilities to populate RiskVision's vulnerabilities section. GS: I know it can be configured to do more, but how often does it do this by default? The connector automatically maps the NVD vulnerability field to target fields. CVE ID, patch, exploits, and other vulnerability-specific information is imported and mapped automatically to RiskVision's target fields. Remediation workflow helps organizations prioritize each vulnerability and fix them in time.