DEV Community

Cover image for Introducing CVE-Alert: Free Real-Time Vulnerability Tracking by Dataforge
Daniel Forsyth
Daniel Forsyth

Posted on

Introducing CVE-Alert: Free Real-Time Vulnerability Tracking by Dataforge

#security #devops #python #opensource

After years of using our command-line tools to track CVEs, we built CVE-Alert - a free web-based platform that monitors security vulnerabilities and sends email alerts for the vendors and products you actually use.
Introducing CVE-Alert: Free Real-Time Vulnerability Tracking
After years of using our command-line tools to track CVEs, we built CVE-Alert - a free web-based platform that monitors security vulnerabilities and sends email alerts for the vendors and products you actually use.

The Problem

Running an MSP means keeping track of security vulnerabilities across dozens of different clients. Each one has their own tech stack, and new CVEs drop every day. Manually checking CVE databases to see what's relevant is a pain in the ass and it's way too easy to miss something important.

I've been using command-line scripts for this for years. They worked fine for me, but nobody else on the team could use them and there was no way to share them with clients.

What We Built

CVE-Alert connects directly to CVE.org and pulls in new vulnerabilities as they're published. You tell it what vendors and products you're running, and it emails you when something relevant shows up.

That's pretty much it. No complicated setup, no expensive licensing.

What it does:

  • Subscribe to the vendors and products you actually use
  • Set severity filters if you only want critical alerts
  • Get emails with the full vulnerability details
  • Search through all CVEs if you need to look something up

Who Should Use It

We built this for ourselves first - MSPs juggling multiple client environments. But it works for anyone who needs to stay on top of vulnerabilities:

  • IT teams running enterprise software
  • Security folks monitoring their infrastructure
  • Developers tracking dependencies

Why Free?

Honestly? It helps promote Dataforge. But also, we're already using it internally. Making it available to the community doesn't cost us anything extra, and security information should be accessible to everyone. I hope people enjoy it and it brings them value.

Try It Out

Head over to cve-alert.app.dataforgecanada.com and create an account.

Top comments (0)