OpenKAT, the Vulnerabilities Analysis Tool

OpenKAT: innovative open-source tool for security and compliance

OpenKAT (Open Vulnerabilities Analysis Tool) is a pioneering open-source solution for continuously monitoring digital security and compliance. Led by Brenno de Winter (Chief Security Officer at the Ministry of Health, Welfare and Sport) and Jan Klopper (OpenKAT project leader), the tool was developed to give organisations insight into, and control over, their entire digital attack surface. OpenKAT was born out of the need to rapidly improve security during the COVID-19 crisis, a period in which many new systems (such as CoronaMelder and CoronaCheck) had to be brought to the right security level quickly and reliably. Accordingly, the VWS minister called OpenKAT “an instrument to be proud of”.

Thought leadership and vision by Brenno de Winter and Jan Klopper

OpenKAT’s strength comes from the vision of its initiators. Brenno de Winter and Jan Klopper recognised that traditional approaches were failing in a complex and rapidly changing environment. OpenKAT was born as the demand for security increased and the digital playing field grew faster than humans could keep up with, combined with stricter compliance requirements and the need for an integrated overview (Z-CERT and VWS develop scan tool for software vulnerabilities - Z-CERT). De Winter stresses that the beauty of KAT is that security and vulnerabilities can be tracked continuously, allowing systems to improve quickly through continuous monitoring, and all without a negative privacy impact (VWS works on ‘super tool’ for vulnerability analysis - Computable.nl). Under their leadership, OpenKAT was designed around a single guiding question: “The question is not ‘are we secure?’ but ‘do we see vulnerabilities?’”. This line of thinking underlines their thought leadership in the project and lays the foundation for a proactive security approach.

Special and innovative product

OpenKAT is a unique product because it offers something that did not exist before: a holistic tool that covers all facets of cybersecurity as well as compliance. Whereas many existing solutions only address part of the puzzle - for example, only a vulnerability scanner, an asset inventory or a SIEM - OpenKAT combines all these insights into one complete picture. The project pairs self-developed features with proven open-source tools to form a “supertool” (What is OpenKAT | CERT-WM). This means that OpenKAT brings together, for example, results from Shodan, Binary Edge, specific pentest tools, CMS scanners and proprietary security tests in one overview (VWS works on ‘supertool’ for vulnerability analysis - Computable.nl). The result is broader insight: not only technical vulnerabilities come into focus, but also misconfigurations and anomalies that can lead to compliance risks (What is OpenKAT | CERT-WM). In addition, OpenKAT records a timeline of the security status, so that developments, whether positive or negative, can be easily tracked (What is OpenKAT | CERT-WM). An application that could make such a historical “snapshot comparison” across the full breadth of all requirements did not exist until now - herein lies the innovative power of OpenKAT.

The power of open source in security and compliance

OpenKAT was created from the ground up as an open-source initiative, which is a conscious and powerful choice. The software is developed in full transparency according to open-source principles and meets the highest quality standards in terms of accessibility, privacy and security. Open source means that anyone can see, use and contribute to the code, leading to greater trust and better quality. After all, “with more eyes we also see more”, says the ministry, which hopes OpenKAT will mobilise a broad community of companies, (semi-)governments and experts. OpenKAT is not a commercial service but a freely available tool that can be deployed and extended by anyone. This open nature makes the solution innovative by definition - anyone can reap the benefits (OpenKAT, looking with cat eyes - Page 2 - De Winter Information Solutions). It also increases the self-reliance of organisations and the government by reducing reliance on expensive external suppliers for security solutions. The open-source community behind OpenKAT encourages rapid further development, knowledge sharing and continuous improvement, which is crucial in keeping up with contemporary threats.

Key functionalities and technical innovations

OpenKAT is distinguished by a number of key technical features that contribute to better security and compliance in an accessible way:

  • Evidence-based attack surface management: OpenKAT maps the entire digital landscape (attack surface) and continuously monitors it for vulnerabilities. All findings are recorded with forensic accuracy, including the moment of discovery (OpenKAT, looking with cat eyes - Page 2 - De Winter Information Solutions). This creates a provable audit trail: organisations can demonstrate that security standards were met at a certain point in time, or how long a particular vulnerability has existed. This evidence-based approach makes it easier to demonstrate compliance to auditors and regulators.

  • Comparison between two moments in time: Thanks to its built-in timeline, OpenKAT can compare the status of systems at different points in time. For each scan, the tool saves a “copy of reality”. Changes in the landscape are thus made visible and conclusively recorded. This enables trend analysis and progress reporting: one can see at a glance whether the security posture is improving or deteriorating. Moreover, it is possible to check in retrospect whether systems were vulnerable in the past to a problem that has only now become known - a feature that is unique and has, for example, helped in the ongoing monitoring of the CoronaCheck system.

  • Policy-driven alerts via business rules: OpenKAT goes beyond generating flat lists of alerts. Through flexible business rules and a knowledge base, the tool links technical results to context and policy. Vulnerabilities are weighted according to the organisation’s interests and risks (VWS works on ‘super tool’ for vulnerability analysis - Computable.nl). For example, to avoid being woken at night for a low-risk system, OpenKAT uses scenarios in which only critical findings in core systems are given high priority (OpenKAT, looking with cat eyes - Page 2 - De Winter Information Solutions). Conversely, that smart link to context ensures that a small technical failure which causes a major compliance risk is not overlooked (OpenKAT, looking with cat eyes - Page 2 - De Winter Information Solutions). Organisations can add their own rules to determine which situations deserve an alert and which can be documented automatically. This targeted alert mechanism reduces noise and ensures that the right people are alerted in time about the issues that really matter (OpenKAT, looking with cat eyes - Page 2 - De Winter Information Solutions).
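The two mechanisms described in the last two points, a timeline that can be compared between two moments (including the retrospective check for a problem that has only now become known) and business rules that weigh findings by system criticality and compliance impact, are illustrated below in a small model. This is an added example, not OpenKAT’s own code; the hostnames, finding types, timeline dates and the sets of core systems and compliance-relevant issues are all constructed.

```python
from dataclasses import dataclass
from datetime import datetime


@dataclass(frozen=True)
class Finding:
    asset: str      # hostname or service the finding applies to (constructed values)
    issue: str      # finding type as a scanner would report it (constructed values)
    severity: str   # technical severity as reported by the scanner


# Constructed sample timeline: scan moment -> the "copy of reality" observed at that moment
TIMELINE = {
    datetime(2024, 1, 10): {
        Finding("portal.example.test", "tls-1.0-enabled", "low"),
        Finding("portal.example.test", "outdated-cms", "high"),
        Finding("intranet.example.test", "missing-spf-record", "low"),
    },
    datetime(2024, 2, 10): {
        Finding("portal.example.test", "tls-1.0-enabled", "low"),
        Finding("intranet.example.test", "missing-spf-record", "low"),
        Finding("intranet.example.test", "open-rdp-port", "high"),
    },
}

# Constructed business context used by the rules below
CORE_SYSTEMS = {"portal.example.test"}
COMPLIANCE_ISSUES = {"tls-1.0-enabled", "missing-spf-record"}


def compare(t0, t1, timeline=TIMELINE):
    """Compare two moments: findings fixed since t0 and findings newly present at t1."""
    fixed = timeline[t0] - timeline[t1]
    new = timeline[t1] - timeline[t0]
    return fixed, new


def first_seen(issue, timeline=TIMELINE):
    """Retrospective check: per asset, the earliest moment a (now known) issue was observed."""
    seen = {}
    for moment in sorted(timeline):
        for f in timeline[moment]:
            if f.issue == issue:
                seen.setdefault(f.asset, moment)
    return seen


def priority(f):
    """Business rule: alert only on critical findings in core systems, never drop compliance-relevant ones."""
    if f.severity == "high" and f.asset in CORE_SYSTEMS:
        return "alert"
    if f.issue in COMPLIANCE_ISSUES:
        return "compliance-review"
    return "document"
```

Comparing the two constructed scans shows the outdated CMS as fixed and the open RDP port as new; the rules then route the high-severity finding on the non-core intranet host to documentation rather than an alert, while the low-severity SPF finding is still surfaced for compliance review.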

Keiko, our mascot

Because the Vulnerabilities Analysis Tool abbreviates to KAT (Dutch for “cat”), it was only logical to have a cat as a mascot. That became Keiko, Brenno de Winter’s gorgeous cat. As an Ocicat, she is naturally inquisitive, friendly and sociable.

Conclusion: OpenKAT as a game-changer in security and compliance

OpenKAT is a model of how thought leadership, innovation and open-source collaboration can coalesce into a powerful product. At a time when cyber threats are constantly evolving and regulations are becoming more stringent, OpenKAT enables organisations to proactively and demonstrably get their security and compliance in order. The integration of various tools into one clear whole and the use of provable data and business logic makes this solution particularly effective as well as user-friendly. For a business audience, OpenKAT is not only a technical tour de force, but also a strategic advantage: it simplifies the work of security teams, increases confidence in one’s own IT environment and demonstrates to auditors and stakeholders that one is “in control”. Thanks to the pioneering role of Brenno de Winter and Jan Klopper and the broad open-source community, OpenKAT stands as an innovative product model for the power of open technology in security and compliance - now and in the future.

Want to use OpenKAT for your organisation without having to do everything yourself? Our partner Cynalytics has experience, dedication and, above all, an innovative approach to scanning the outside and inside of your organisation.