SecQua

SecQua is an open source project written in Python, that tries to quantify the security of a given Information System, using a novel security metric, trying to provide a deterministic, unbiased, objective and efficient measurement. The approach is vulnerability driven and in order to get as much unbiased results, it makes use of the National Vulnerability Database.
This work is mainly based on the following publications:
*C. Patsakis, Gregory Chondrocoukis, D. Mermigas, S. Pirounias, The role of weighted entropy in security quantification, International Conference On Information Security And Artificial Intelligence (ISAI 2010), December 17-19, 2010, Chengdu, China.
*C. Patsakis, D. Mermigas, S. Pirounias, N. Alexandris, E. Fountas, Towards a formalistic measuring of security using stochastic calculus, 3rd IEEE International Conference on Computer Science and Information Technology (ICCSIT 2010), Chengu, China, 9-11 July 2010.

Features

DB updates through NVD xml files
Latex reports

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 2.0 (GPLv2)

Follow SecQua

SecQua Web Site

Other Useful Business Software

Our Free Plans just got better! | Auth0

With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.

Try free now

Rate This Project

User Reviews

Be the first to post a review of SecQua!

Additional Project Details

Intended Audience

Information Technology, Auditors, Security Professionals, Security

User Interface

wxWidgets

Programming Language

Python

Database Environment

Python Database API

Related Categories

Python Security Software

Registered

2012-05-10

Similar Business Software

Criminal IP

Criminal IP is a comprehensive threat intelligence search engine that detects vulnerabilities of personal and corporate cyber assets in real time and facilitates preemptive responses accordingly. Originated from the idea that individuals and corporations would be able to strengthen their cyber...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software