SecQua

SecQua is an open source project written in Python, that tries to quantify the security of a given Information System, using a novel security metric, trying to provide a deterministic, unbiased, objective and efficient measurement. The approach is vulnerability driven and in order to get as much unbiased results, it makes use of the National Vulnerability Database.
This work is mainly based on the following publications:
*C. Patsakis, Gregory Chondrocoukis, D. Mermigas, S. Pirounias, The role of weighted entropy in security quantification, International Conference On Information Security And Artificial Intelligence (ISAI 2010), December 17-19, 2010, Chengdu, China.
*C. Patsakis, D. Mermigas, S. Pirounias, N. Alexandris, E. Fountas, Towards a formalistic measuring of security using stochastic calculus, 3rd IEEE International Conference on Computer Science and Information Technology (ICCSIT 2010), Chengu, China, 9-11 July 2010.

Features

DB updates through NVD xml files
Latex reports

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 2.0 (GPLv2)

Follow SecQua

SecQua Web Site

Other Useful Business Software

Auth for GenAI | Auth0

Enable AI agents to securely access tools, workflows, and data with fine-grained control and just a few lines of code.

Easily implement secure login experiences for AI Agents - from interactive chatbots to background workers with Auth0. Auth for GenAI is now available in Developer Preview

Try free now

Rate This Project

User Reviews

Be the first to post a review of SecQua!

Additional Project Details

Intended Audience

Information Technology, Auditors, Security Professionals, Security

User Interface

wxWidgets

Programming Language

Python

Database Environment

Python Database API

Related Categories

Python Security Software

Registered

2012-05-10

Similar Business Software

Criminal IP

Criminal IP is a comprehensive threat intelligence search engine that detects vulnerabilities of personal and corporate cyber assets in real time and facilitates preemptive responses accordingly. Originated from the idea that individuals and corporations would be able to strengthen their cyber...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software