A list of all awesome CVELabs
An awesome CVELabs is an independent team that:
- Finds vulnerabilities without profiting economically (excludes bounty programs)
- Is not a hub CNA (like Zero Day Initiative)
- Is not a vendor CNAs (vendors that index CVEs of his own products)
- Researchers that found CVEs work on the team
- Quantity: FortiGuard
- Productivity: FortiGuard
- Activity (opposite to Inactivity, with the most recent "Last" parameter): NCC Group
- Diversity (opposite to Concentration, with the oldest "First" parameter): Synacktiv
- Oldest: Sec Consult
- Fertility: Positive Technologies
- (A)dvisories: Total Advisories
- (Q)uantity: Total CVEs
- (M)onths: Last CVE - First CVE
- (P)roductivity: Total CVE / Months (CVE per month)
- (V)endors: Unique vendors over CVE
- (C)oncentration: Total CVE / Vendors (CVE per vendor)
- (I)nactivity: Today - Last CVE (months since last CVE)
- (R)esearchers: Unique researchers over CVE
- (F)ertility: Total CVE / Researchers
Descendent order according to CVE column:
| # | Lab | A | Q | First | Last | M | P | V | C | I | R | F |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | FortiGuard (Fortinet) | 905 | 905 | 19/09/23 | 23/03/21 | 41 | 22.0 | 179 | 5.0 | 7 | - | - |
| 2 | Source Incite | 1515 | 854 | 15/04/16 | 23/08/30 | 100 | 8.5 | 30 | 28.4 | 3 | 13 | 65.6 |
| 3 | Tenable | 486 | 777 | 06/07/11 | 23/11/15 | 208 | 3.4 | 135 | 5.3 | 0 | - | - |
| 4 | Google Project Zero | 700 | 14/03/11 | 23/06/01 | 112 | 6.2 | 60 | 11.6 | 5 | 33 | 21.2 | |
| 5 | Claroty | 525 | 525 | 18/05/06 | 23/11/07 | 63 | 8.3 | 101 | 5.1 | 0 | - | - |
| 6 | NCC Group | 219 | 379 | 06/02/03 | 23/10/31 | 212 | 1.6 | 80 | 4.1 | 1 | 50 | 7.0 |
| 7 | Core Security | 260 | 352 | 16/05/18 | 22/02/01 | 69 | 5.1 | 90 | 3.9 | 19 | 33 | 10.6 |
| 8 | Sec Consult | 15 | 274 | 03/02/28 | 23/10/05 | 247 | 1.1 | 84 | 3.3 | 1 | - | - |
| 9 | Fluid Attacks | 155 | 260 | 20/12/15 | 24/01/03 | 35 | 7.0 | 82 | 3.8 | 0 | 10 | 27.4 |
| 10 | Positive Technologies | 471 | 256 | 09/03/04 | 22/12/03 | 137 | 1.5 | 133 | 1.8 | 20 | 1 | 249.0 |
| 11 | Trustwave - SpiderLabs | 195 | 225 | 09/05/19 | 23/11/07 | 125 | 1.2 | 120 | 1.7 | 0 | 60 | 3.5 |
| 12 | Withsecure | 211 | 170 | 06/11/28 | 23/10/26 | 202 | 0.8 | 73 | 1.7 | 1 | - | - |
| 13 | Flashback | 165 | 13/08/01 | 23/06/23 | 107 | 1.5 | 30 | 5.5 | 5 | 2 | 82.5 | |
| 14 | Bishopfox | 72 | 159 | 05/12/07 | 23/07/20 | 211 | 0.7 | 44 | 3.4 | 4 | 42 | 3.5 |
| 15 | Mandiant | 114 | 134 | 19/09/20 | 23/11/03 | 72 | 1.8 | 26 | 4.4 | 0 | 27 | 4.2 |
| 16 | Synacktiv | 419 | 130 | 10/04/27 | 23/10/31 | 163 | 0.6 | 52 | 2.9 | 1 | 42 | 3.6 |
| 17 | Qualys | 68 | 128 | 12/05/04 | 23/10/03 | 138 | 0.8 | 41 | 2.8 | 1 | - | - |
| 18 | CyberArk | 12 | 124 | 18/11/07 | 22/10/02 | 47 | 2.6 | 55 | 2.2 | 12 | 22 | 5.6 |
| 19 | JFrog | 117 | 117 | 19/02/05 | 23/11/14 | 55 | 2.1 | 56 | 2.0 | 0 | 7 | 16.2 |
| 20 | Starlabs | 126 | 110 | 18/11/27 | 23/11/01 | 56 | 1.9 | 24 | 4.4 | 0 | 13 | 8.1 |
| 21 | Nozomi Networks | 201 | 100 | 22/05/17 | 23/10/30 | 77 | 1.2 | 8 | 5.6 | 1 | - | - |
| 22 | Ioactive | 68 | 80 | 07/03/26 | 21/07/08 | 172 | 0.4 | 46 | 1.7 | 30 | 45 | 1.7 |
| 23 | Integrity Labs | 66 | 62 | 13/07/09 | 23/10/23 | 123 | 0.4 | 30 | 2.3 | 1 | 18 | 4.0 |
| 24 | SentinelOne | 114 | 57 | 16/03/24 | 22/05/05 | 74 | 0.7 | 25 | 2.2 | 19 | 5 | 11.4 |
| 25 | Sonarsource | 57 | 43 | 21/04/26 | 23/10/17 | 30 | 1.7 | 23 | 1.8 | 1 | 9 | 4.7 |
| 26 | Orange Cyberdefense | 43 | 43 | 19/07/28 | 23/11/06 | 63 | 0.6 | 26 | 1.5 | 0 | 18 | 2.1 |
| 27 | Secpod | 54 | 41 | 10/08/05 | 15/06/18 | 59 | 0.7 | 35 | 1.1 | 97 | 8 | 5.1 |
| 28 | Safe Breach | 13 | 39 | 19/06/19 | 23/04/21 | 45 | 0.9 | 25 | 1.6 | 6 | - | - |
| 29 | Census Labs | 31 | 38 | 09/01/21 | 23/11/08 | 167 | 0.2 | 24 | 1.5 | 0 | 15 | 2.4 |
| 30 | Versprite | 41 | 35 | 17/12/20 | 21/04/23 | 40 | 0.9 | 25 | 1.4 | 32 | - | - |
| 31 | SecureWorks (Dell) | 38 | 34 | 09/11/11 | 18/12/20 | 109 | 0.3 | 21 | 1.6 | 59 | 14 | 2.4 |
| 32 | Vulncheck | 29 | 29 | 22/10/14 | 2023/10/10 | 12 | 2.4 | 16 | 1.3 | 1 | - | - |
| 33 | Horizon3.ai | 10 | 27 | 21/01/05 | 23/02/14 | 25 | 1.0 | 8 | 3.3 | 8 | 5 | 5.4 |
| 34 | Portcullis Labs | 25 | 25 | 17/07/19 | 19/10/30 | 28 | 1.2 | 10 | 2.5 | 48 | - | - |
| 35 | Patchstack | 18 | 20 | 23/01/24 | 23/11/15 | 10 | 4.3 | 42 | 0.8 | 9 | - | - |
| 36 | Assetnote | 16 | 20 | 21/11/02 | 23/10/04 | 23 | 0.7 | 14 | 1.0 | 1 | 2 | 7.5 |
| 37 | Cipher Labs | 24 | 19 | 11/11/22 | 2019/02/20 | 81 | 0.2 | 18 | 1.3 | 57 | 1 | 24.0 |
| 38 | Nettitude | 12 | 17 | 17/11/28 | 23/01/04 | 61 | 0.2 | 11 | 1.1 | 9 | 8 | 1.6 |
| 39 | WatchTowr Labs | 14 | 14 | 22/07/01 | 23/06/13 | 11 | 1.3 | 10 | 1.4 | 5 | 4 | 3.5 |
| 40 | Yoroi | 7 | 12 | 22/11/02 | 23/04/24 | 14 | 0.8 | 3 | 4.0 | 6 | 2 | 6.0 |
| 41 | Synopsys | 23 | 6 | 23/01/31 | 23/08/15 | 8 | 0.9 | 5 | 1.2 | 9 | 6 | 1.0 |
| 42 | Oxeye | 5 | 6 | 22/07/28 | 23/08/22 | 13 | 0.7 | 4 | 1.5 | 3 | 2 | 3.0 |
| 43 | SSD Labs | 5 | 5 | 22/07/27 | 23/04/03 | 9 | 0.3 | 3 | 1.6 | 6 | 2 | 2.5 |
| 44 | Viettel Cyber Security | 4 | 4 | 22/03/23 | 23/06/16 | 15 | 0.3 | 4 | 1.0 | 5 | 7 | 0.5 |
| 45 | Wiz | 2 | 4 | 21/09/14 | 23/07/27 | 1 | 2.0 | 2 | 2.0 | 4 | 2 | 2.0 |
| 46 | Securitum | 2 | 2 | 16/06/14 | 20/02/12 | 44 | 0.1 | 2 | 1.0 | 42 | 1 | 2.0 |
| 47 | Legit Security | 1 | 1 | 23/02/14 | 23/02/14 | 1 | 1.0 | 1 | 1.0 | 8 | 1 | 1.0 |
- (-) Not applicable: Poorly structured researcher records
- ( ) Blank space: Researcher pending or not available at the moment
- https://www.3ds.com/vulnerability/advisories: Credits to researchers outside of the organization / NOT_A_LAB_IS_AN_INDEX
- https://www.trellix.com/: The data is not structured correctly / UNSTRUCTURED_DATA