Thesis CVE-HUNTER: sistema de detección y alertas tempranas de Common Vulnerabilities and Exposures (CVE), para evitar la explotación de vulnerabilidades en las organizaciones
Loading...
Date
2025-07
Authors
Journal Title
Journal ISSN
Volume Title
Program
Ingeniería Civil Informática
Departament
Campus
Campus Casa Central Valparaíso
Abstract
Los riesgos crecientes en ciberseguridad exigen soluciones proactivas para proteger los activos digitales. Se propone CVE-Hunter, un sistema de monitoreo pasivo de vulnerabilidades diseñado para automatizar la recolección y notificación de Common Vulnerabilities and Exposures (CVE). Su objetivo es asistir a equipos de desarrollo en la identificación temprana de amenazas emergentes. Para su validación, CVE-Hunter se evaluó rigurosamente con la empresa Develrox. La evaluación implicó el análisis de tecnologías específicas mediante una verificación aleatoria estratificada contra la National Vulnerability Database (NVD). Los resultados fueron positivos: el sistema detectó 242 vulnerabilidades asociadas a las tecnologías monitoreadas, de un total de 7503 CVEs generales. A pesar de limitaciones puntuales, el sistema demostró una alta efectividad. CVE-Hunter se posiciona como una primera línea de defensa, capacitando a las organizaciones para tomar decisiones informadas y responder ágilmente, optimizando su postura de ciberseguridad.
The escalating risks in cybersecurity demand proactive solutions to safeguard digital assets. This thesis proposes CVE-Hunter, a passive vulnerability monitoring system designed to automate the collection and notification of Common Vulnerabilities and Exposures (CVEs). Its primary objective is to assist development teams in the early identification of emerging threats. For validation, CVE-Hunter was rigorously evaluated in collaboration with Develrox, a cybersecurity consulting firm. This evaluation involved the analysis of specific technologies through a stratified random verification against the National Vulnerability Database (NVD). The results were significantly positive: the system detected 242 vulnerabilities associated with the monitored technologies, out of a total of 7503 general CVEs identified. Despite specific limitations, the system demonstrated high effectiveness. CVE-Hunter positions itself as a crucial first line of defense, empowering organizations to make informed decisions and respond agilely, thereby optimizing their cybersecurity posture.
The escalating risks in cybersecurity demand proactive solutions to safeguard digital assets. This thesis proposes CVE-Hunter, a passive vulnerability monitoring system designed to automate the collection and notification of Common Vulnerabilities and Exposures (CVEs). Its primary objective is to assist development teams in the early identification of emerging threats. For validation, CVE-Hunter was rigorously evaluated in collaboration with Develrox, a cybersecurity consulting firm. This evaluation involved the analysis of specific technologies through a stratified random verification against the National Vulnerability Database (NVD). The results were significantly positive: the system detected 242 vulnerabilities associated with the monitored technologies, out of a total of 7503 general CVEs identified. Despite specific limitations, the system demonstrated high effectiveness. CVE-Hunter positions itself as a crucial first line of defense, empowering organizations to make informed decisions and respond agilely, thereby optimizing their cybersecurity posture.
Description
Keywords
Vulnerabilidades, Notificación, Ciberseguridad, Desarrollo de software, CVE (Common Vulnerabilities and exposures), Vulnerabilities, Notification, Cybersecurity, Software developer
Política de Privacidad 
