OSVDB

OSVDB

Open Source Vulnerability Database (OSVDB) is an independent and open source database created by and for the community. The goal of the project is to provide accurate, detailed, current, and unbiased technical information on security vulnerabilities. The project promotes greater, open collaboration between companies and individuals, eliminates redundant works, and reduce expenses inherent with the development and maintenance of in-house vulnerability databases.

Its goal is to provide accurate, unbiased information about security vulnerabilities in computerized equipment. The core of OSVDB is a relational database which ties various information about security vulnerabilities into a common, cross-referenced open security data source.

Contents

History

The project was started in August 2002 at the Blackhat and DEF CON Conferences by several industry notables (including H. D. Moore, rain.forest.puppy, and others). Under mostly-new management, the database officially launched to the public on March 31, 2004.

The Open Security Foundation (OSF) was created to ensure the project's continuing support. Brian Martin (AKA Jericho), Chris Sullo (of Nikto fame), and Jake Kouns are project leaders for the OSVDB project, and currently hold leadership roles in the OSF. It is a client/server implementation that consists of a server daemon (mysqld) and many different client programs/libraries. It has a pluggable data store architecture

Process

Vulnerability reports, advisories and exploits posted in various security lists enter the database as a new entry. The new entry contains only a title and links to entries of the same vulnerability in other security lists. However, at this stage the page for the new entry doesn't contain any detailed description of the vulnerability. After the new entries are thoroughly scrutinized, analyzed and refined, descriptions of the vulnerability, its solutions and test notes are added. Then these details are reviewed by other members of OSVDB, further refined if necessary and then made stable. Once it is stable, the detailed information appears on the page for the entry.

Contributors

Some enthusiastic hackers are volunteering to maintain OSVDB. Some of the active members are as follows:

  • Brian Martin (COO, Moderator)
  • Jake Kouns (CEO, Moderator)
  • Chris Sullo (CFO, Moderator)
  • Steve Tornio (Moderator)
  • Travis Schack (Mangler)
  • Susam Pal (Mangler)
  • Christian Seifert (Mangler)

Open Security Foundation

The Open Security Foundation is a non-profit 501c3 organization established in early 2005 to function as a support organization for open source security projects. It was originally conceived and founded as a support for the OSVDB project, but its scope is evolving to provide support for numerous other projects.

The foundation allows organizations and individuals to provide charitable contributions to support open source security projects that provide value to the global community. The foundation also provides guidance, legal, administrative, policy guidelines, and other support to numerous projects.

The Open Security Foundation was conceived by Chris Sullo, Brian Martin, and Jake Kouns in early 2004, and obtained official US 501(c)3 non-profit status in April, 2005.

External links


Wikimedia Foundation. 2010.

Игры ⚽ Поможем написать курсовую

Look at other dictionaries:

  • Chris Sullo — is the CFO and Treasurer of Open Security Foundation. He is a distinguished security expert known as the author of Nikto scanner. He is specialised in web security and pen testing. Contents 1 OSVDB 2 Nikto 3 Security Advisories 4 …   Wikipedia

  • H D Moore — (born 1981) is a security researcher who has been active on internet mailing lists since 1998cite web | url = http://marc.info/?l=bugtraq m=91454756930070 w=2 | title = Nlog v1.0 Released ] . H D Moore works as the Director of Security Research… …   Wikipedia

  • Vulnerability (computing) — In computer security, the term vulnerability is applied to a weakness in a system which allows an attacker to violate the integrity of that system. Vulnerabilities may result from weak passwords, software bugs, a computer virus or other malware,… …   Wikipedia

  • Nikto Web Scanner — Nikto Development status Active Available in English License GPL Website http://www.cirt.net/code/nikto.shtml Nikto Web Scanner is a Web ser …   Wikipedia

  • Tiny C Compiler — Infobox Software name = Tiny C Compiler logo = developer = Fabrice Bellard latest release version = 0.9.24 latest release date = release date|2008|04|01 programming language = C and Assembly operating system = Linux, Unix, Microsoft Windows genre …   Wikipedia

  • List of online databases — This is a list of online databases accessible via the internet.0 9* 10eastern A B ;A * Acronym Finder * Adult Film Database * aeiou Encyclopedia * Airdisaster.com * Airliners.net * All Media Guide * Allmovie * Allmusic * African American Registry …   Wikipedia

  • Criticism of Adobe Flash — Adobe Flash as a format has become very widespread on the desktop market and created a market dominance. Adobe Systems claims that 98% of all Internet desktop users worldwide (and 99.1% of US/Canada Web users) have the Flash Player installed,… …   Wikipedia

  • Faille de sécurité — Vulnérabilité (informatique)  Cet article concerne la vulnérabilité en informatique. Pour une utilisation plus large du terme, voir Vulnérabilité. Dans le domaine de la sécurité informatique, une vulnérabilité est une faiblesse dans un… …   Wikipédia en Français

  • Faille de sécurité informatique — Vulnérabilité (informatique)  Cet article concerne la vulnérabilité en informatique. Pour une utilisation plus large du terme, voir Vulnérabilité. Dans le domaine de la sécurité informatique, une vulnérabilité est une faiblesse dans un… …   Wikipédia en Français

  • Faille informatique — Vulnérabilité (informatique)  Cet article concerne la vulnérabilité en informatique. Pour une utilisation plus large du terme, voir Vulnérabilité. Dans le domaine de la sécurité informatique, une vulnérabilité est une faiblesse dans un… …   Wikipédia en Français

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”