Automated Vulnerability Management

Sammanfattning: The field of software security is constantly evolving, and security must be taken into consideration throughout the entire product life cycle. This is particularly important in today’s dynamic security landscape, where threats and vulnerabilities constantly change. One of the organizations’ biggest challenges is identifying and managing vulnerabilities in their software systems. This is where automating aspects of vulnerability management can play a crucial role. This thesis aims to investigate the feasibility of using natural language processing to automate vulnerability management. The main objective of the work is to develop a proof-of-concept system that simplifies the work of developers and testers by automatically filtering and categorizing vulnerabilities. The system will use natural language processing to distinguish and classify vulnerabilities based on the details of the vulnerability description. This helps organizations to identify and manage vulnerabilities conveniently, meanwhile saving time and resources. In addition, the system will be integrated with the defect-tracking tool, becoming part of the software development process. Therefore, the vulnerabilities can be identified and managed as early as possible in the development cycle, making resolving them easier and more cost-effective. Integrating the defect-tracking tool will also make it easier for organizations to track and resolve vulnerabilities promptly. In conclusion, this work aims to demonstrate that an automated vulnerability management system using natural language processing is feasible and effective. By simplifying the work of developers and testers, organizations can improve their overall software security posture and reduce their risk of security incidents. The expected outcome of this work is a proof-of-concept system that can be used as a model for organizations which aim to improve their vulnerability management processes.