GUAITA

Duration of the project: December 2016 – January 2018
URL:
GUAITA

Description

The GUAITA project of inLab FIB – esCERT is the evolution of the ALTAIR-SIGVI project, which you can also find on this website. The technology Altair-SIGVI was built on had become outdated, which prevented changes and extensions, so it was decided to redo the application from scratch instead of trying to make these modifications and extensions on Altair.

GUAITA monitors an organization’s software products and notifies you if any of them has a vulnerability. Its database is improved both in security (identifiable data is encrypted) and in data access speed. This database, which contains the software inventory and its vulnerabilities, is updated daily to reflect new vulnerabilities (CVEs) registered by NIST. NIST maintains a database of all vulnerabilities that have existed since 2002 and allows free download or query in XML format.

Extensions and advantages contemplated by GUAITA compared to Altair:

  • It supports the new format of CVEs.
  • It has an API to be able to upload files in NMAP or JSON format that contain the necessary data of the systems to be monitored / inventoried, in addition to offering remote scanning, through nmap, of these systems. This is an advantage over the previous implementation as remote scanning is sometimes not available and this makes it easier for administrators to perform their own scanning and upload it to the platform themselves.
  • It implements a ticketing system to manage vulnerabilities.
  • It provides 3 user profiles:
    • The super administrator of the whole platform who will have access to define configurations, users, units, networks…
    • The administrator of the unit will be able to define their assets, give permission to their managers and perform complete scans of their assets.
    • The manager of the unit will have permissions to view, check and modify the vulnerabilities of the different assets of their unit. This profile is basically responsible for managing vulnerabilities.
  • Easier-to-use interface for administrators and resolvers.
  • Personalized notifications on the platform or via email.
  • Graphics to visualize assets and their vulnerabilities more quickly.

 

Poster summarising the project: