SecQua

SecQua is an open source project written in Python, that tries to quantify the security of a given Information System, using a novel security metric, trying to provide a deterministic, unbiased, objective and efficient measurement. The approach is vulnerability driven and in order to get as much unbiased results, it makes use of the National Vulnerability Database.
This work is mainly based on the following publications:
*C. Patsakis, Gregory Chondrocoukis, D. Mermigas, S. Pirounias, The role of weighted entropy in security quantification, International Conference On Information Security And Artificial Intelligence (ISAI 2010), December 17-19, 2010, Chengdu, China.
*C. Patsakis, D. Mermigas, S. Pirounias, N. Alexandris, E. Fountas, Towards a formalistic measuring of security using stochastic calculus, 3rd IEEE International Conference on Computer Science and Information Technology (ICCSIT 2010), Chengu, China, 9-11 July 2010.

Features

DB updates through NVD xml files
Latex reports

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 2.0 (GPLv2)

Follow SecQua

SecQua Web Site

Other Useful Business Software

MongoDB Atlas runs apps anywhere

Deploy in 115+ regions with the modern database for every enterprise.

MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.

Start Free

Rate This Project

User Reviews

Be the first to post a review of SecQua!

Additional Project Details

Intended Audience

Information Technology, Auditors, Security Professionals, Security

User Interface

wxWidgets

Programming Language

Python

Database Environment

Python Database API

Related Categories

Python Security Software

Registered

2012-05-10

Similar Business Software

Criminal IP

Criminal IP is a comprehensive threat intelligence search engine that detects vulnerabilities of personal and corporate cyber assets in real time and facilitates preemptive responses accordingly. Originated from the idea that individuals and corporations would be able to strengthen their cyber...

See Software
New Relic

There are an estimated 25 million engineers in the world across dozens of distinct functions. As every company becomes a software company, engineers are using New Relic to gather real-time insights and trending data about the performance of their software so they can be more resilient and...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software