Vulnerability Libraries
Vulnerability Libraries
Section titled “Vulnerability Libraries”NEURO integrates with industry-leading vulnerability databases and intelligence platforms to enrich findings and discover assets.
NVD Integration
Section titled “NVD Integration”The National Vulnerability Database (NVD) provides CVE details, CVSS scores, and references.
Features
Section titled “Features”- Automatic CVE Lookup - CVEs in findings are automatically enriched
- CVSS Scores - CVSS 3.1 and 4.0 scores from NVD
- References - Links to advisories, patches, and exploits
- CPE Matching - Common Platform Enumeration for affected products
Configuration
Section titled “Configuration”NVD integration works out of the box - no API key required for basic lookups.
For higher rate limits:
- Go to Settings → Integrations → API Keys
- Enter your NVD API key
- Click Save
Shodan Integration
Section titled “Shodan Integration”Shodan provides internet-wide scanning data for asset discovery and exposure monitoring.
Features
Section titled “Features”- Host Lookup - Query IP addresses for open ports and services
- Vulnerability Detection - Known CVEs affecting discovered services
- Banner Grabbing - Service version and configuration details
- Historical Data - Track changes over time
Configuration
Section titled “Configuration”- Go to Settings → Integrations → API Keys
- Enter your Shodan API key
- Click Test Connection
- Click Save
- Asset Discovery - Search by IP, domain, or organization
- Finding Enrichment - Add context to network findings
- Exposure Monitoring - Track internet-facing assets
Censys Integration
Section titled “Censys Integration”Censys provides certificate transparency and host scanning data.
Features
Section titled “Features”- Certificate Search - Find certificates by domain, issuer, or fingerprint
- Host Discovery - Discover hosts and their exposed services
- Protocol Analysis - TLS/SSL configuration details
- Historical Records - View changes over time
Configuration
Section titled “Configuration”- Go to Settings → Integrations → API Keys
- Enter your Censys API ID and Secret
- Click Test Connection
- Click Save
- Certificate Inventory - Track SSL/TLS certificates
- Subdomain Discovery - Find hosts via certificate data
- Compliance Checking - Verify TLS configurations
DeHashed Integration
Section titled “DeHashed Integration”DeHashed provides access to breach data for credential exposure monitoring.
Features
Section titled “Features”- Email Search - Find breached credentials by email
- Domain Search - Discover all breached accounts for a domain
- Password Exposure - Check if passwords were exposed (hashed)
- Breach Source - Identify which breaches affected accounts
Configuration
Section titled “Configuration”- Go to Settings → Integrations → API Keys
- Enter your DeHashed Email and API Key
- Click Test Connection
- Click Save
- Credential Audit - Check client domains for exposed credentials
- Risk Assessment - Identify accounts at risk
- Breach Notification - Alert clients to compromised accounts
API Key Management
Section titled “API Key Management”All API keys are:
- Encrypted at rest using AES-256
- Tenant-isolated - Each tenant manages their own keys
- Audited - Key usage is logged
Adding API Keys
Section titled “Adding API Keys”- Navigate to Settings → Integrations → API Keys
- Select the integration
- Enter credentials
- Test the connection
- Save
Removing API Keys
Section titled “Removing API Keys”- Navigate to Settings → Integrations → API Keys
- Click the trash icon next to the integration
- Confirm removal
Next: Enterprise Integrations