Show HN: 700% Growth ( Discussion)

7 pointsdaudmalik064y ago16 comments

Happy to share the last week growth of https://vulert.com

https://twitter.com/DevNackOfficial/status/1490993623026270214

Vulert notifies you if a security issue is found in any of the open-source software you use.

Feedback or critics are welcome. Feel free to ask anything: info(@) vulert.com

Show HN: 700% Growth ( Discussion)

7 pointsdaudmalik064y ago16 comments

Happy to share the last week growth of https://vulert.com

https://twitter.com/DevNackOfficial/status/1490993623026270214

Vulert notifies you if a security issue is found in any of the open-source software you use.

Feedback or critics are welcome. Feel free to ask anything: info(@) vulert.com

16 comments

16 comments · 7 top-level

neximo644y ago· 3 in thread

Doesn't github do that with the dependabot alerts, for free? On each push and via email. Why would you pick this one when you get that without even turning it on

daudmalik06OP4y ago

There are 2 problems with dependabot, 1: it requires you to have a code on github orherwise you can't receive alerts 2: they send months old alerts, even if you go to check security advisory of github, you'll notice the date of those issues will be very old.

neximo644y ago

I don't know if this is true, I saw a couple of Neo4j vulnerabilities show up as soon as the next day once it was disclosed.

daudmalik06OP4y ago

Further, vulert is also 100% free for open source software.

only4here4y ago· 1 in thread

Sorry since this isn't related, but why was almost everyone's account in the comments created 5 hours ago... right when this post was made?

daudmalik06OP4y ago

even i was amazed to see the quick response

vilad13374y ago· 1 in thread

Nice design, compliments for making it user friendly,

Do you have roadmap of slack feature? Or webhooks? Like i want something that calls my webhook for issues in my app.

Thanks

daudmalik06OP4y ago

yes, both of these features are on our roadmap, get in touch with us to stay updated.

thanks

aliahmedraza4y ago· 1 in thread

Wow, it's really interesting, i was looking similar thing after log4j. I'll send you the email

daudmalik06OP4y ago

Most welcome

stive_brown4y ago· 1 in thread

Compliments, i have a question though, Can you alert for php packages vulnerabilities or deprecations ?

daudmalik06OP4y ago

Yeah, you can just upload a composer.lock file and that's it, we will track all of the open source you use and even the software that comes under first level. I.e we track the complete graph.

Feel free to contact us.

mike3124y ago· 1 in thread

Sounds promising, though it's not very clear how do you do this

daudmalik06OP4y ago

Well, actually we track all of the CVE lists, security advisories of vendors, package managers and as soon as there's an issue related to the software you use, we notify you. That's it.

anthony_ret4y ago· 1 in thread

Can it help to notify issues like log4j?

daudmalik06OP4y ago

Yes, it can send real time notification of any open source you use e.g maven requirement file.

j / k navigate · click thread line to collapse

16 comments

16 comments · 7 top-level

neximo644y ago· 3 in thread

Doesn't github do that with the dependabot alerts, for free? On each push and via email. Why would you pick this one when you get that without even turning it on

daudmalik06OP4y ago

neximo644y ago

I don't know if this is true, I saw a couple of Neo4j vulnerabilities show up as soon as the next day once it was disclosed.

daudmalik06OP4y ago

Further, vulert is also 100% free for open source software.

only4here4y ago· 1 in thread

Sorry since this isn't related, but why was almost everyone's account in the comments created 5 hours ago... right when this post was made?

daudmalik06OP4y ago

even i was amazed to see the quick response

vilad13374y ago· 1 in thread

Nice design, compliments for making it user friendly,

Do you have roadmap of slack feature? Or webhooks? Like i want something that calls my webhook for issues in my app.

Thanks

daudmalik06OP4y ago

yes, both of these features are on our roadmap, get in touch with us to stay updated.

thanks

aliahmedraza4y ago· 1 in thread

Wow, it's really interesting, i was looking similar thing after log4j. I'll send you the email

daudmalik06OP4y ago

Most welcome

stive_brown4y ago· 1 in thread

Compliments, i have a question though, Can you alert for php packages vulnerabilities or deprecations ?

daudmalik06OP4y ago

Yeah, you can just upload a composer.lock file and that's it, we will track all of the open source you use and even the software that comes under first level. I.e we track the complete graph.

Feel free to contact us.

mike3124y ago· 1 in thread

Sounds promising, though it's not very clear how do you do this

daudmalik06OP4y ago

Well, actually we track all of the CVE lists, security advisories of vendors, package managers and as soon as there's an issue related to the software you use, we notify you. That's it.

anthony_ret4y ago· 1 in thread

Can it help to notify issues like log4j?

daudmalik06OP4y ago

Yes, it can send real time notification of any open source you use e.g maven requirement file.

j / k navigate · click thread line to collapse