Welcome to the SIGVI Web portal
Here you will find documentation, explanations and other interesting information about this project.
SIGVI is the acronym in Spanish for "Sistema Inteligente de Gestión del Vulnerabilidades Informáticas", that's "Computer Vulnerabilities Management Intelligent System". It's a tool to discover, notify and manage the vulnerabilities of our systems. Its an Open Source application, under GPL license.
This project has been developed and maintained from UPCnet (http://www.upcnet.es), ICT service company of the UPC (Universitat Politecnica de Catalunya - Technical University of Catalonia, Spain), http://www.upc.edu). It has also been co-funded in 2008 by the Ministry of Industry, Tourism and Trade of Spain (MITYC, http://www.mityc.es) to obtain a pre-product.
Actually the major changes are taken by the Community of the free software by free people at Sourceforge.
Basic schema of SIGVI flows:
- Daily, download the new vulnerabilities definitions from defined sources like NVD,
- Search on your server/services definitions to detect vulnerabilities on the installed software,
- Once the vulnerabilities are detected will create a new alert on the alert repository and send a notification to each server administrators.
- Server administrators can follow the alert on SIGVI as a ticket:
- The vulnerability definition
- The alert criticity
- Add comments
- Add resolution time
- Set the alert status (open,pending,closed,discarded).
- And finally act on the server.
Other interesting functionalities are:
- A daily report with the new downloaded vulnerabilities is sent to each registered user.
- The servers administrators can follow the alert progress and get all info about vulnerabilities into SIGVI.
- The new version has been designed to complain some of the SCAP protocols like CVE, CPE and CVSS.
- Provides a powerful Bussiness Intelligence tool to create your own reports (executive or technical).
This is a view of the SIGVI administrator of the main page at release 2.0:
Now, you can take a quick tour.