How can you figure out whether a software is vulnerable? Parsing public CVEs and... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		m00dy on July 23, 2015 \| parent \| context \| favorite \| on: Show HN: AppCanary – Keep vulnerable software off ... How can you figure out whether a software is vulnerable? Parsing public CVEs and matching with version number?

ryanlol on July 23, 2015 | [–]

Unless they're watching updates from repos, it'd be very hard to automate this. CVEs are very far from reliable.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact