🛡️ GuardFoxCopilot Documentation

Vulnerability Management

CVE lookup via NVD, CISA KEV integration, and per-host patch gap tracking.

Route: /vuln-management

How it works

Overview

How Vulnerability Management Works

GuardFoxCopilot queries the NIST NVD API and CISA KEV catalog to provide real-time CVE data, enriched with:

  • CVSS v3.1 base score and vector
  • EPSS probability (likelihood of exploitation in the next 30 days)
  • CISA KEV status (actively exploited, federal patch deadline)
  • Affected product matching against your asset inventory
  • Patch availability and vendor advisory links

Data flow

NVD API → normalise → enrich with KEV → match to assets → risk score → alert if EPSS > threshold

NVD rate limits

NVD free tier: 5 requests/30 seconds. With an NVD API key: 50 requests/30 seconds.

GuardFoxCopilot caches CVE results for 24 hours to stay within limits.

NVD API key setup

Setup

Setting Up the NVD API Key

Without an API key, CVE lookups are rate-limited to 5/30s and may timeout.

  1. Go to nvd.nist.gov/developers/request-an-api-key
  2. Register with your email — key arrives within minutes
  3. In GuardFoxCopilot: Settings → Integrations → NVD API Key
  4. Paste the key and save

The timeout for NVD requests is set to 20 seconds by default. If you see timeout errors, increase this in Settings → Advanced → NVD Timeout.

CISA KEV

No API key needed. GuardFoxCopilot fetches the KEV catalog daily from the CISA public JSON endpoint and cross-references all tracked CVEs automatically.