Free 30-day trial

Try our product 30-days for free. No credit card needed.
Integrate with your tools in minutes.

Vulnerability Data

1 k+
#Vulnearbilities

Official amount of vulnerabilities found at NVD and other sources.

1 Min
Refresh rate

We refresh and scan our sources every 15 minutes.

1 %
Our Improvement

Data quality improvement compared to NVD.

1
New vulnearbilities

Daily average analysed from NVD and other sources.

Data Collection

NVD

NVD (National Vulnerability Database) is the main source for vulnerabilities in third party components. The database is owned by the US government and releases on average information about 50 new vulnerabilities each day.

Additional sources

All vulnerabilities don’t reach NVD, which creates the need to collect data from additional sources. Debricked monitors closely important open source repositories, security advisories, forums and mailing lists to deliver accurate vulnerability information to our customers.

Accuracy

NVD consists of text data with information about vulnerabilities. This data can be messy, unlabelled or incorrectly labelled. We refine this data with natural language processing (NLP) to increase the accuracy of the information we give you.

Analysis

Some of our sources contain a lot of data, such as GitHub. Some vulnerabilities on GitHub are labelled as security related, but most of them have no label at all. We classify text from issues and releases, and determine whether it is relevant for you or not.

Data Processing

Making it actionable

Prioritization

Vulnerabilities may have different implications depending on your system, which makes it necessary to prioritize them according to your needs. Our rule based and deterministic prioritization system helps handle the most important vulnerabilities first.

Visualization

It's important to be efficient when visualizing large sets of data. We want to enable you to create KPIs and continuously measure your security. This empowers you to take the right decisions in a cost effective manner.

Fix

Taking action in our tool automatically provide relevant developers and teams with tasks/issues which include the information they need to execute. When a vulnerability has been handled, and the issue is closed in your system (e.g Jira), this is displayed in our tool, which enables you to measure your success.