Positive Technologies, a leader in result-driven cybersecurity, has launched a portal consolidating data on software and hardware vulnerabilities from manufacturers worldwide. This regularly updated database helps ethical hackers, cybersecurity professionals, and organizations stay informed about the latest security flaws. The platform features detailed information on 317,000 vulnerabilities, the researchers who discovered them, and vendor recommendations for swift remediation.
Recent reports of delays in updates to well-known vulnerability databases like the National Vulnerability Database and Common Vulnerabilities (NVD) and Exposures (CVE), as well as funding cuts to MITRE (the organization assigning standardized identifiers1), have raised concerns about timely access to critical security information. Such delays give attackers an edge, enabling them to exploit unpatched vulnerabilities. Without this data, companies struggle to update their infrastructure, and developers cannot integrate relevant attack signatures into security tools. Beyond speed, the international cybersecurity community has also criticized the accuracy and completeness of information about security flaws. Not all contributions from Russian researchers are included in CVE/NVD.
Responding to this industry need, Positive Technologies created a public portal to provide comprehensive information on all identified vulnerabilities, including their fix status and severity. The platform currently features over 300,000 vulnerabilities and 45,000 researchers, adding approximately 1,000 new entries weekly.
The database is built on the expertise of Positive Technologies' security research center, one of the largest in Europe. This team includes white hat hackers from PT SWARM, who study the security of IT systems and devices, and cybersecurity experts from PT Expert Security Center, who investigate incidents and detect emerging threats.
What sets this portal apart from other global vulnerability databases is the depth and quality of its data. Positive Technologies aggregates information from multiple sources, including CVE, NVD, Reddit, X.com, and Telegram, using large language models (LLMs) to create detailed summaries that are clearer and more comprehensive than existing databases. Unlike MITRE's registry, which does not credit researchers who report vulnerabilities, Positive Technologies highlights these contributions. Using AI to extract data from vendor websites, the company identifies and includes the names of researchers in its database. The portal also ranks vulnerabilities based on the level of discussion they generate on industry platforms, providing a list of the most talked-about issues.
1 A universally recognized vulnerability classification enables cybersecurity professionals to communicate in a common language. Each vulnerability or threat is given a name and a brief description based on strictly defined rules.
"Over 20 years, we've built an extensive knowledge base on vulnerabilities in products from international and domestic vendors. By refining and expanding this data, we've created an interactive portal that we hope will be invaluable to independent researchers and security teams. Our goal is to make this platform a reliable and comprehensive source of information on all cybersecurity vulnerabilities worldwide. At launch, it already exceeds MITRE's CVE database, with 300,000 entries compared to CV...
Dmitry SerebryannikovChief Hacking Officer at Positive Technologies
Positive Technologies plans to expand the portal's functionality further. In addition to smart filtering for easier product-specific searches, the platform will soon offer personalized feeds. In the future, white hat hackers will be able to create personal profiles, showcase their achievements (similar to bug bounty platforms), follow researchers of interest, and comment on entries.