|
OSVDB
The Open Sourced Vulnerability Database (OSVDB) was an independent and open-sourced vulnerability database. The goal of the project was to provide accurate, detailed, current, and unbiased technical information on security vulnerabilities. The project promoted greater and more open collaboration between companies and individuals. The database's motto was "Everything is Vulnerable". The core of OSVDB was a relational database which tied various information about security vulnerabilities into a common, cross-referenced open security data source. As of December 2013, the database cataloged over 100,000 vulnerabilities. While the database was maintained by a 501(c)(3) non-profit public organization and volunteers, the data was prohibited for commercial use without a license. Despite that, many large commercial companies used the data in violation of the license without contributing employee volunteer time or financial compensation. History The project was started in August 2002 at th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Vulnerability Database
A vulnerability database (VDB) is a platform aimed at collecting, maintaining, and disseminating information about discovered computer security vulnerabilities. The database will customarily describe the identified vulnerability, assess the potential impact on affected systems, and any workarounds or updates to mitigate the issue. A VDB will assign a unique identifier to each vulnerability cataloged such as a number (e.g. 123456) or alphanumeric designation (e.g. VDB-2020-12345). Information in the database can be made available via web pages, exports, or API. A VDB can provide the information for free, for pay, or a combination thereof. History The first vulnerability database was the "Repaired Security Bugs in Multics", published by February 7, 1973 bJerome H. Saltzer He described the list as "''a list of all known ways in which a user may break down or circumvent the protection mechanisms of Multics''". The list was initially kept somewhat private with the intent of keeping vu ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Open Security Foundation
The Open Security Foundation (OSF) was a 501(c)(3) non-profit public organization "founded and operated by information security enthusiasts". The OSF managed several projects including the Open Source Vulnerability Database (OSVDB), Data Loss Database (DatalossDB), and Cloutage. The OSF was established in 2005 to function as a support organization for open source security projects. It was originally conceived and founded to support the OSVDB project, but its scope evolved to provide support for numerous other projects. The foundation allows organizations and individuals to provide charitable contributions to support open source security projects that provide value to the global community. The foundation also provided guidance, legal, administrative, policy guidelines, and other support to numerous projects. The Open Security Foundation was conceived by Chris Sullo, Jake Kouns, and Brian Martin in early 2004, and obtained official US 501(c)3 non-profit status in April, 2005 (EIN: ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Chris Sullo
Chris Sullo is a security expert known as the author of Nikto Web Scanner. He is specialized in web-security and pen-testing. He was the co-founder, CFO and Treasurer of Open Security Foundation, and creator of the RVAsec security conference. He currently works as a penetration testing specialist for the IT risk firm Focal Point Data Risk. OSVDB Sullo was acting as a Moderator and Vulnerability Manager of OSVDB. He has been a mentor of Google Summer Code since OSVDB was accepted as a mentor organization for Google's Summer of Code 2006 and 2007. He handled and approved all new vulnerabilities that are added to the database as well as manages the web checks. In addition, Chris is co-founder and Treasurer of the Open Security Foundation. Nikto Sullo is the author of Nikto, the leading open source web security assessment tool. It is an open source web server scanner. Nikto is known to perform comprehensive tests against web servers for multiple items, including over thousands o ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Information Security
Information security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorized/inappropriate access to data, or the unlawful use, disclosure, disruption, deletion, corruption, modification, inspection, recording, or devaluation of information. It also involves actions intended to reduce the adverse impacts of such incidents. Protected information may take any form, e.g. electronic or physical, tangible (e.g. paperwork) or intangible (e.g. knowledge). Information security's primary focus is the balanced protection of the confidentiality, integrity, and availability of data (also known as the CIA triad) while maintaining a focus on efficient policy implementation, all without hampering organization productivity. This is largely achieved through a structured risk management process that involves: * identifying inform ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Open Security
Open security is the use of open source philosophies and methodologies to approach computer security and other information security challenges. Traditional application security is based on the premise that any application or service (whether it is malware or desirable) relies on security through obscurity. Open source approaches have created technology such as Linux (and to some extent, the Android operating system). Additionally, open source approaches applied to documents have inspired wikis and their largest example, Wikipedia. Open security suggests that security breaches and vulnerabilities can be better prevented or ameliorated when users facing these problems collaborate using open source philosophies. This approach requires that users be legally allowed to collaborate, so relevant software would need to be released under a license that is widely accepted to be open source; examples include the Massachusetts Institute of Technology (MIT) license, the Apache 2.0 license, the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Black Hat Briefings
Black Hat Briefings (commonly referred to as Black Hat) is a computer security conference that provides security consulting, training, and briefings to hackers, corporations, and government agencies around the world. Black Hat brings together a variety of people interested in information security ranging from non-technical individuals, executives, hackers, and security professionals. The conference takes place regularly in Las Vegas, Barcelona, London and Riyadh. The conference has also been hosted in Amsterdam, Tokyo, and Washington, D.C. in the past. History The first Black Hat was held July 7-10, 1997 in Las Vegas, immediately prior to DEF CON 5. The conference was aimed at the computer industry, promising to give them privileged insight into the minds and motivations of their hacker adversaries. Its organizers stated: "While many conferences focus on information and network security, only the Black Hat Briefings will put your engineers and software programmers face-to-face ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DEF CON
DEF CON (also written as DEFCON, Defcon or DC) is a hacker convention held annually in Las Vegas, Nevada. The first DEF CON took place in June 1993 and today many attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, hardware modification, conference badges, and anything else that can be "hacked". The event consists of several tracks of speakers about computer- and hacking-related subjects, as well as cyber-security challenges and competitions (known as hacking wargames). Contests held during the event are extremely varied, and can range from creating the longest Wi-Fi connection to finding the most effective way to cool a beer in the Nevada heat. Other contests, past and present, include lockpicking, robotics-related contests, art, slogan, coffee wars, scavenger hunt and Capture the Flag. Capture the Flag (CTF) is p ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Security Vulnerability Databases
Security is protection from, or resilience against, potential harm (or other unwanted coercive change) caused by others, by restraining the freedom of others to act. Beneficiaries (technically referents) of security may be of persons and social groups, objects and institutions, ecosystems or any other entity or phenomenon vulnerable to unwanted change. Security mostly refers to protection from hostile forces, but it has a wide range of other senses: for example, as the absence of harm (e.g. freedom from want); as the presence of an essential good (e.g. food security); as resilience against potential damage or harm (e.g. secure foundations); as secrecy (e.g. a secure telephone line); as containment (e.g. a secure room or cell); and as a state of mind (e.g. emotional security). The term is also used to refer to acts and systems whose purpose may be to provide security (security companies, security forces, security guard, cyber security systems, security cameras, remote guarding ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Internet Properties Established In 2002
The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a '' network of networks'' that consists of private, public, academic, business, and government networks of local to global scope, linked by a broad array of electronic, wireless, and optical networking technologies. The Internet carries a vast range of information resources and services, such as the inter-linked hypertext documents and applications of the World Wide Web (WWW), electronic mail, telephony, and file sharing. The origins of the Internet date back to the development of packet switching and research commissioned by the United States Department of Defense in the 1960s to enable time-sharing of computers. The primary precursor network, the ARPANET, initially served as a backbone for interconnection of regional academic and military networks in the 1970s to enable resource sharing. The ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
