Page 403 - Kaleidoscope Academic Conference Proceedings 2024
P. 403
Innovation and Digital Transformation for a Sustainable World
affected_detail optional array of
objects
references optional array of
objects
metrics optional object
linked_weaknesses optional array of
string
linked_capec optional array of
string
vip_severity mandatory String
source_db_additional_info optional array of
objects
5.7 User Interfaces of the Developed Platform Figure 5 – Forensic Intelligence Search and Results
The user interfaces presented by the Web User Interface
module present the results of the endeavor. While the
complete functioning of the solution is out of scope for this
paper, the screenshots of some of the primary user interfaces
are shown below.
Figure 6 – Listing of Collaboration APIs for
Collaborating User
5.8 Chosen Technology Stack for Development
The system has been developed using Java Spring Boot, a
Figure 3 – Vulnerability Statistics Dashboard Java development framework that streamlines the
development process for building robust and scalable web
applications, Spring Web MVC, a part of the Spring
framework of Java that provides clean separation of concerns
through its Model-View-Controller architecture, and
PostgreSQL, a community-driven open-source relational
database management system.
6. RESULTS AND BENEFITS BROUGHT BY
THE DEVELOPED SOLUTION
The developed vulnerability intelligence platform, WebVIP,
defines an efficient automation of integration process from
standardized vulnerability information databases, namely
NVD and OSV database and augments only relevant
information from the linked CWE list and CAPEC repository.
The vulnerability information can be distilled through the
Figure 4 – Vulnerability Intelligence Search and Results user interfaces without getting overwhelmed by the
information overload. The ecosystem configurability options
aid in the process of distilling the information. This solution
brings forth the following results –
• It enhances usability by presenting an intuitive
dashboard with visualization and most relevant
vulnerabilities at the first glance, making interpretation
much easier and effective.
– 359 –
