eWeek Security Watch
Advertisement
Advertisement
December 17, 2007 4:52 PM

Open Source Vulnerability Database Gets Major Makeover



osvdb_logo.gif The Open Source Vulnerability Database has hit the 2.0 milestone with a major rewrite, a new "Watch List" service and several UI enhancements to provide greater details about specific vulnerabilities.

The five-year-old project, which is backed by Google, Layered Technologies and GFI Software, has been completely rewritten using Ruby on Rails and fitted with major tweaks to create the "go-to security vulnerability database," according to project leader Brian Martin.

The idea of the OSVDB 2.0 makeover is to provide an easier interface for updating vulnerabilities and a way to make it simple for individuals and companies to integrate with the project.

Among the enhancements:

  • Greater detail about the overall nature of a specific vulnerability.
  • A "Watch List" service that provides alerts for new vulnerabilities.
  • Consolidating external blogs by vulnerability.
  • New reporting metrics.

    • The enhanced data will allow users to find vulnerabilities based on criteria such as attack type, solution status or if the vulnerability has been confirmed or disputed by the vendor.

    Since its launch at Black Hat/Defcon shows in 2002, the OSVDB has cataloged nearly 40,000 vulnerabilities.

    For more on the makeover go to the OSVDB blog.

    Posted by Ryan Naraine on December 17, 2007 4:52 PM

    | Comments (3) | del.icio.us | digg.com | Trackback | Post a Comment
    TrackBack

    TrackBack

    http://securitywatch.eweek.com/cgi-bin/mte/mt-tb.cgi/12266

    Comments (3)

    Ray :

    Ryan,

    I was glad to find your blog again after you left ZDNet. Got it in my Google Reader, so I can continue to keep up with things related to my work.

    Posted by Ray | December 19, 2007 2:55 PM

    Ryan Naraine :

    Hi Ray, thanks and welcome aboard.

    _r

    Posted by Ryan Naraine | December 19, 2007 4:15 PM

    Ignacio :

    Hi Ryan,

    You are about the only general-tech-news infosec writer that I regularly read (C.J. Kelly has gotten a bit stale since she joined the government).

    It must be so because I didn't even notice you changed publications.

    Ignacio

    Posted by Ignacio | December 20, 2007 9:14 PM

    Post a Comment

     
     


    RSS Syndication

    Breaking News

    Advertisement

    Apple

    Browsers

    Cisco

    Corporate espionage

    Disaster Planning

    eBay

    Exploits and Attacks

    Flaws

    Google

    Identity Theft

    Intrusion Detection/Prevention

    Mergers and Acquisitions

    Microsoft Windows

    Open Source

    Oracle

    Patches

    Phishing and Fraud

    Privacy

    Product Reviews

    Rootkits

    Spam

    Virus and Spyware

    Vulnerability Research

    Advertisement
    Security Watch     Contact Us | Advertise | Site Map
    Ziff Davis Enterprise

    Ziff Davis Enterprise Home | Contact Us | Advertise | Link to Us | Reprints | Magazine Subscriptions | Newsletters
    RSS Feeds | White Papers | ROI Calculators | Tech Podcasts | Tech Video |

    Baseline | Careers | Channel Insider | CIO Insight | DesktopLinux | DeviceForge | DevSource | eSeminars |
    eWEEK | LinuxDevices | Linux Watch | Microsoft Watch | Mid-market | Networking | PDF Zone |
    Publish | eWeek Security | Strategic Partner | Web Buyer's Guide | Windows for Devices

    Developer Shed | Dev Shed | ASP Free | Dev Articles | Dev Hardware | SEO Chat | Tutorialized | Scripts |
    Code Walkers | Web Hosters | Dev Mechanic | Dev Archives | IT Marketplace | igrep

    Use of this site is governed by our Terms of Use and Privacy Policy

    Copyright ©1996-2007 Ziff Davis Enterprise, Inc. All Rights Reserved. Security Watch is a trademark of Ziff Davis Enterprise, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.
    Ziff Davis Enterprise