Russian Vulnerability Scanner Database

Navigation

Help & DocumentationPlatform OverviewHow to Use the PlatformVulnerability Scoring SystemsFrequently Asked QuestionsRelease History

The Vulnerability Catalog vulnerabilities.etecs.ru is an educational showcase and demonstration platform created by JSC “Echelon Technologies” to demonstrate the capabilities of the commercial product Scanner-VS 7 and support the Russian cybersecurity community.

Mission and Positioning

Educational Mission

The platform provides free access to professional vulnerability analysis tools, allowing information security specialists to study modern threat assessment and risk prioritization methodologies using real data.

Technology Demonstration

The catalog demonstrates the quality of data normalization, depth of analysis, and ease of working with vulnerability information that form the foundation of the commercial Scanner-VS 7.

Community Support

We strive to raise the overall level of cybersecurity competencies by providing access to current threat information for research and educational purposes.

Technical Data Architecture

Information Sources

The catalog database aggregates and normalizes information from leading sources:

Russian Sources:

  • FSTEC Russia BDU — official Russian vulnerability database
  • Domestic OS vulnerability databases: Astra Linux, RED OS

International Sources:

  • NIST National Vulnerability Database (NVD) — leading global CVE database
  • FIRST.org EPSS — vulnerability exploitation prediction system
  • Operating Systems: Debian, Red Hat, Ubuntu, Windows, Arch Linux

Data Normalization Process

  1. Aggregation: Collection of data from multiple sources
  2. Deduplication: Elimination of duplicate records
  3. Normalization: Standardization to unified description format
  4. Verification: Data consistency checking
  5. Enrichment: Addition of metadata and vulnerability relationships

Data Quality

The same normalized database is used in the commercial Scanner-VS 7, ensuring:

  • High information accuracy
  • Data currency
  • Professional level of analysis
  • Minimal false positives

Functional Capabilities

Risk Assessment System

Two-level threat analysis:

  • CVSS — technical assessment of potential impact
  • EPSS — predictive assessment of exploitation probability

Multiple CVSS Version Support:

  • CVSS v2.0 (legacy compatibility)
  • CVSS v3.x (current standard)
  • CVSS v4.0 (latest version)

Analytical Tools

  • Advanced Filtering by multiple criteria
  • Intelligent Search with partial match support
  • Sorting by relevance, criticality, publication date
  • Related Vulnerabilities for comprehensive threat analysis

Exploit Information

  • Exploit Availability with source indication
  • Exploit Metadata for usage complexity assessment
  • Temporal Scoring to account for changing risk factors

Demonstration of Scanner-VS 7 Capabilities

What the Catalog Shows

This platform demonstrates only the viewing capabilities of the full-featured Scanner-VS 7 system:

Data Analysis:

  • Depth of vulnerability information processing
  • Quality of normalization from multiple sources
  • Professional risk assessment metrics
  • Convenience of navigating large data sets

What Scanner-VS 7 Additionally Provides

Active Scanning:

  • Automated Detection of vulnerabilities in IT infrastructure
  • Network and Host Scanning
  • Security Configuration Analysis
  • Password Dictionary Auditing

Operational Efficiency:

  • Rapid Deployment: system installation in 1 minute
  • Minimal Requirements: 2 GB RAM, 2 CPU cores
  • High Performance: fast scanning of large networks
  • Scalability: from small offices to enterprise infrastructures

Compliance Requirements:

  • FSTEC Russia Certificate №2204 (4UD, TU) for Scanner-VS 6 version, Scanner-VS 7 certificate expected in 2025
  • Support for FSTEC-certified Domestic OS
  • Container Deployment for modern infrastructures
  • Compliance with Russian Information Security Standards

Target Usage Scenarios

For Educational Institutions

  • Study of methodologies for vulnerability analysis using real data
  • Practical exercises in information security risk assessment
  • Research projects in cybersecurity
  • Training specialists to modern standards

For Information Security Specialists

  • Research of current threats without access restrictions
  • Study of trends in vulnerabilities
  • Analysis of attack vectors for specific technologies
  • Assessment of commercial protection solution applicability

For Organizations

  • Assessment of need for professional scanning systems
  • Demonstration of capabilities of modern information security solutions
  • Planning implementation of security monitoring systems
  • Justification of investments in cybersecurity

Technical Support and Development

Data Updates

  • Real-time synchronization with sources
  • Daily EPSS score updates
  • Prompt addition of new CVE records
  • Quality control of incoming data

Functionality Development

The platform is regularly updated to demonstrate new Scanner-VS 7 capabilities:

  • Expansion of analytical tools
  • User interface improvements
  • Addition of new data sources
  • Integration of additional security metrics

Transition to Commercial Use

When Scanner-VS 7 is Needed

  • Active protection of organizational IT infrastructure
  • Compliance with regulator requirements (FSTEC, FSB)
  • Automation of security monitoring processes
  • Professional technical support and updates

Get the Commercial Version

JSC “Echelon Technologies” Contacts:

  • 📧 Email: partners@npo-echelon.ru
  • 📞 Phone: 8 (495) 223-23-92
  • 🏢 Address: 107023, Moscow, Elektrozavodskaya str., 24
  • 🛠️ Tech Support: 8 (800) 100-05-02

The Vulnerability Catalog demonstrates JSC “Echelon Technologies’” commitment to developing the Russian cybersecurity community and open knowledge sharing to raise the overall level of protection for the country’s digital infrastructure.