BreachExchange mailing list archives
News: Having "fun" with the data set
From: David Shettler <dave () opensecurityfoundation org>
Date: Fri, 25 Sep 2009 09:32:17 -0400
http://datalossdb.org/incident_highlights/37-having-fun-with-the-data-set We recently had an inquiry regarding whether or not we could store more details about certain breaches, specifically the type of Hack (for hack related breaches) that was used, or the application that ended up being breached. Neat ideas, of course, and we've considered them ourselves on several occasions, given that we have OSVDB as our sister project. We've always wanted to use both, or tie them together, however, we run into some issues in doing so. One big one is that we rarely know the cause of a given breach. That information is simply not disclosed the vast majority of the time. Neither is the application that was exploited, in fact, I can't recall a single instance of a specific vendor's product being named in our data set (but I suppose there might be a couple if I looked hard enough). Adding new fields to the database is a fairly straight-forward thing to do, but, we don't like to do it unless we can at least somewhat consistently populate these fields. A visitor suggested Primary Sources, so for fun, we searched them. Querying for "sql injection" yields 21 primary sources results, associated with roughly a dozen unique incidents, give or take. It was more results than I thought we'd have, anyways. But more than anything, it made me wonder what other interesting queries could be made. So, I tried a few: Querying for "search engine" or for "google" yielded some delightful entries about stuff getting indexed. Querying for "encryption key" had some interesting results where the encryption key had been lost with the encrypted systems/media. My personal favorite! Querying for "no reason to believe" showed just how cliche that term is in data breach notification letters, returning over 15% of all primary sources. [...] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- News: Having "fun" with the data set David Shettler (Sep 25)