All Blogs • eWEEK • BASELINE • CHANNEL INSIDER • CIO INSIGHT • Microsoft WATCH • LINUX WATCH • RESOURCE LIBRARY

Home | Got a Tip? | Archive | All Blogs | eWeek Newsbreak

Home >> Browsers >> Open Source Vulnerability Database Gets Major Makeover

December 17, 2007 4:52 PM

Open Source Vulnerability Database Gets Major Makeover

The Open Source Vulnerability Database has hit the 2.0 milestone with a major rewrite, a new "Watch List" service and several UI enhancements to provide greater details about specific vulnerabilities.

The five-year-old project, which is backed by Google, Layered Technologies and GFI Software, has been completely rewritten using Ruby on Rails and fitted with major tweaks to create the "go-to security vulnerability database," according to project leader Brian Martin.

The idea of the OSVDB 2.0 makeover is to provide an easier interface for updating vulnerabilities and a way to make it simple for individuals and companies to integrate with the project.

Among the enhancements:

Greater detail about the overall nature of a specific vulnerability.
A "Watch List" service that provides alerts for new vulnerabilities.
Consolidating external blogs by vulnerability.
New reporting metrics.

The enhanced data will allow users to find vulnerabilities based on criteria such as attack type, solution status or if the vulnerability has been confirmed or disputed by the vendor.

Since its launch at Black Hat/Defcon shows in 2002, the OSVDB has cataloged nearly 40,000 vulnerabilities.

For more on the makeover go to the OSVDB blog.

Posted by Ryan Naraine on December 17, 2007 4:52 PM

View all of Browsers, Corporate espionage, Exploits and Attacks, Flaws, Phishing and Fraud, Vulnerability Research

TrackBack

http://securitywatch.eweek.com/cgi-bin/mte/mt-tb.cgi/12266

Comments (3)

Ray :

Ryan,

I was glad to find your blog again after you left ZDNet. Got it in my Google Reader, so I can continue to keep up with things related to my work.

Posted by Ray | December 19, 2007 2:55 PM

Ryan Naraine :

Hi Ray, thanks and welcome aboard.

Posted by Ryan Naraine | December 19, 2007 4:15 PM

Ignacio :

Hi Ryan,

You are about the only general-tech-news infosec writer that I regularly read (C.J. Kelly has gotten a bit stale since she joined the government).

It must be so because I didn't even notice you changed publications.

Ignacio

Posted by Ignacio | December 20, 2007 9:14 PM

Subscribe:

RSS 2.0

Security News

TLD regulation

Adware

Android

Apple

Applications Whitelisting

AV tools

Backdoor

BlackBerry

Blacklisting

Blended attack

Botnet CnCs

Botnets

Browsers

CAG

China

Cisco

click fraud

Cloud computing

Conficker

Corporate espionage

Cyber-war

Data Breach

Data Security

Data securityAdd category

Database security

DDoS

Disaster Planning

domain registration abuse

e-banking fraud

eBay

Enterprise security strategy

Ethical hacking

Exploits and Attacks

Facebook

File-sharing

Flaws

Google

Government standards

Hactivism

ID theft

Identity fraud

Identity Theft

iframe

Illegal pharmacies

Industry events

Infrastructure security

Internet regulation

Intrusion Detection/Prevention

iPhone

ISPs

Java

MAAWG

Malware

Malware toolkits

Mergers and Acquisitions

Messaging security

Microsoft

Microsoft Windows

Mobile malware

multimedia

NIST

Online malware

Open Source

Oracle

Patches

Phishing and Fraud

PowerPoint

Privacy

Product Reviews

Products

Regulation

Risk Management

Rogue AV

Rootkits

RSA Security Conference

Russia

SaaS

SCADA

Search

SEO

SEO poisoning

Smartphone security

Social engineering

Social networking

Spam

SQL injection

Trojan attacks

Twitter

video games

Virus and Spyware

Vulnerability Research

Web 2.0

Windows 7

YouTube

Security Watch Contact Us | Advertise | Site Map

Security:
Enterprise Security
Network Security
Infrastructure Security
How To: Data
IT Security News
Cheap Hack Blog
Security Watch Blog

Storage:
Data Storage
Cloud Storage
Storage Virtualization
Network Access Storage
Storage Reviews
Data Storage News
How To: Storage
Storage Station Blog

Computing:
Apple OSX
Linux Systems
Windows Vista
Managed Print Services
Cloud Computing
PC Reviews
Microsoft Watch Blog
Apple Watch Blog
Google Watch Blog

Communications:
VoIP Solutions
Wireless Technology
Messaging Software
Web Services
Mobile Applications
Wireless News
Mobile Reviews

Apps & Development:
Application Development
SAAS
Search Engines
Database Software
Web 2.0
IT Project Management
Emerging Tech Blog
CIO Insight Blogs
CIOs

Vertical Markets:
Federal Government IT
Health Care IT
Finance IT
Mid-Market
Channel Partners
Careers Blog
Value Added Resellers

More eWeek Links:
Tech Knowledge Center
Tech Newsletters
Tech RSS Feeds
White Papers
Tech Podcasts
Tech Videos
Green IT
eWeek Magazine Subscriptions

Enterprise Websites:
ZDE Home
Baseline
Channel Insider
CIO Insight
eSeminars
eWeek Mid-Market
Publish Online
Web Buyers Guide

Developer Websites:
Dev Shed
DeveloperShed
ASP Free
MS DevSource
SEO Chat
Codewalkers
Tutorialized
Scripts.com
Dev Mechanic
Dev Articles
Web Hosters
Dev Hardware

Technology Websites:
Device Forge
Desktop Linux
Linux Devices
Windows for Devices
iGrep Search Engine
PDF Zone
Linux Watch

Use of this site is governed by our Terms of Use and Privacy Policy
Copyright ©1996-2008 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt, and eWeek Security Watch are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.
eWeek is your best source for the latest Technology News.
Hosted by Hostway.

TrackBack

Comments (3)

Post a Comment