Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Open Source Vulnerability Database Opens for Public Access

From: security curmudgeon <jericho () attrition org>
Date: Sat, 3 Apr 2004 00:28:46 -0500 (EST)

: >~ Immunity will be switching to OSVDB for CANVAS
:
: Why?  Why is it better?  Who is the "Open Security Foundation"? Why is
: one guy approving new vulns better than a committee?

The one person approving vulnerabilities for OSVDB isn't making a
judgement or determination about whether it deserves an entry, rather he
is making sure the entry meets certain standards before it is made public
on the site. Specifically, making sure the fields are understandable, the
external links match the vulnerability entry, etc.

In the cases where there is question whether something qualifies for an
entry, it is discussed between at least 4 people on the OSVDB staff. If
there is still question or doubt, we solicit advice from other people or
look at the other databases to see if/how they handled it.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: