Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Open Source Vulnerability Database Opens for Public Access

From: Bram Shirani <bram () aversion net>
Date: Fri, 2 Apr 2004 21:36:53 -0800
On Fri, Apr 02, 2004 at 09:19:44PM -0800, Rodney Thayer said sometin like...

At 11:36 AM 4/2/2004 -0500, Dave Aitel wrote:


~ Immunity will be switching to OSVDB for CANVAS


Why?  Why is it better?  Who is the "Open Security Foundation"?
Why is one guy approving new vulns better than a committee?


Why it is better is debateable. A few facts (which are on the web page
listed in the announcement:

- It's open source. (See http://www.osvdb.org/news.php#license)
- It's free.


From the site:


OSVDB is an independent and open source database created by and for the
community.
Our goal is to provide accurate, detailed, current, and unbiased
technical information.

The Open Security Foundation is the foundation created to control the OSVDB.

There is not one guy approving new vulns, there is a group of ~15 - 20
people who contribute in many different ways:

- adding new vulns to the database
- mangling vulns to include all relavent information, including links to
advisories, techincal descriptions, and other information 
- moderators who approve each vuln after it has been mangled, kicking back
if enough information is not included, or for a variety of other reasons

Bram 
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: