Motivation

Every day new cyber security vulnerabilities are discovered and reported, which indicate weak security standards adapted by websites. The main aim of a hacker is to steal sensitive information by exploiting these vulnerabilities. The information and data compromised can be very costly and damaging for an organization. Hence, due to ever evolving tactics of the hackers and the changing cyber threat landscape, it is very important for an organization to be aware of the security vulnerabilities.

Until now, most of the work which is done allows to discover the vulnerabilities in web applications and anticipate the vulnerabilities exploits. Different techniques are used in this regard, including machine learning, evaluating inter-module relationships, and application of data analytics. All of these approaches have a common goal, which is to discover existing and new vulnerabilities and predict them for future. Some solutions consider evaluating the application code by performing static or dynamic analysis and finding vulnerabilities. However, a very critical question in this whole scenario arises, as to what we can do after a vulnerability is discovered? How to find similar vulnerabilities in the system and share this information with others for proactive resolution of the vulnerabilities? In this regard, data analysis of security vulnerabilities can provide a wealth of information. It can provide efficient vulnerability assessment by analyzing the existing vulnerability data