SecQua

SecQua is an open source project written in Python, that tries to quantify the security of a given Information System, using a novel security metric, trying to provide a deterministic, unbiased, objective and efficient measurement. The approach is vulnerability driven and in order to get as much unbiased results, it makes use of the National Vulnerability Database.
This work is mainly based on the following publications:
*C. Patsakis, Gregory Chondrocoukis, D. Mermigas, S. Pirounias, The role of weighted entropy in security quantification, International Conference On Information Security And Artificial Intelligence (ISAI 2010), December 17-19, 2010, Chengdu, China.
*C. Patsakis, D. Mermigas, S. Pirounias, N. Alexandris, E. Fountas, Towards a formalistic measuring of security using stochastic calculus, 3rd IEEE International Conference on Computer Science and Information Technology (ICCSIT 2010), Chengu, China, 9-11 July 2010.

Features

DB updates through NVD xml files
Latex reports

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 2.0 (GPLv2)

Follow SecQua

SecQua Web Site

Other Useful Business Software

Full-stack observability with actually useful AI | Grafana Cloud

Our generous forever free tier includes the full platform, including the AI Assistant, for 3 users with 10k metrics, 50GB logs, and 50GB traces.

Built on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.

Create free account

Rate This Project

User Reviews

Be the first to post a review of SecQua!

Additional Project Details

Intended Audience

Auditors, Information Technology, Security, Security Professionals

User Interface

wxWidgets

Programming Language

Python

Database Environment

Python Database API

Related Categories

Python Security Software

Registered

2012-05-10

Similar Business Software

ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
New Relic

There are an estimated 25 million engineers in the world across dozens of distinct functions. As every company becomes a software company, engineers are using New Relic to gather real-time insights and trending data about the performance of their software so they can be more resilient and...

See Software
Auth0

Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity...

See Software
Google Cloud Platform

Google Cloud is a cloud-based service that allows you to create anything from simple websites to complex applications for businesses of all sizes. New customers get $300 in free credits to run, test, and deploy workloads. All customers can use 25+ products for free, up to monthly usage...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software