|
The '''Open Sourced Vulnerability Database''' ('''OSVDB''') was an independent and open-sourced [[vulnerability database]]. The goal of the project was to provide accurate, detailed, current, and unbiased technical information on [[Information security|security]] vulnerabilities. The project promoted greater and more open collaboration between companies and individuals.
Its goal was to provide accurate, unbiased information about security vulnerabilities in computerized equipment. The core of OSVDB was a relational database which tied various information about security vulnerabilities into a common, cross-referenced [[open security]] data source. As of November,December 2013, the database cataloged over 100,000 vulnerabilities.<ref>{{cite web |url=https://blog.osvdb.org/2014/01/20/we-hit-the-100000-mark/ |title=We hit the 100,000 mark… |date=20 January 2014 |access-date=22 January 2020}}</ref>
==History==
The project was started in August 2002 at the [[Black Hat Briefings|Blackhat]] and [[DEF CON]] Conferences by several industry notables (including [[H. D. Moore]], rain.forest.puppy, and others). Under mostly-new management, the database officially launched to the public on March 31, 2004.<ref>{{cite news |url=https://www.networkworld.com/article/3053613/open-source-vulnerabilities-database-shuts-down.html |title=Open-source vulnerabilities database shuts down |first=Jon |last=Gold |work=Network World |date=7 April 2016 |access-date=22 January 2020}}</ref>
The [[Open Security Foundation]] (OSF) was created to ensure the project's continuing support. Brian Martin (AKA Jericho) and Jake Kouns arewere project leaders for the OSVDB project,<ref>http://opensecurityfoundation.org/</ref> and currently hold leadership roles in the OSF.<ref>{{cite Itweb is a client|url=https:/server implementation that consists of a server daemon (mysqld) and many different client programs/librarieswww.riskbasedsecurity.com/leadership/ It|title=Leadership has|work=Risk aBased pluggableSecurity data|access-date=22 storeJanuary architecture2020}}</ref>
On 5 April 2016, the database was shut down, although the blog will continue.<ref>{{cite web |url=https://blog.osvdb.org/2016/04/05/osvdb-fin/</ref> although|title=OSVDB: theFin blog|date=5 willApril continue.2016 |access-date=22 January 2020}}</ref>
==Process==
Originally, vulnerability reports, advisories, and exploits posted in various security lists enterentered the database as a new entry. The new entry containscontained only a title and links to entries of the same vulnerability in other security lists. However, at this stage the page for the new entry doesndidn't contain any detailed description of the vulnerability. After the new entries arewere thoroughly scrutinized, analyzed and refined, descriptions of the vulnerability, its solutions and test notes arewere added. Then these details arewere reviewed by other members of '''OSVDB''', further refined if necessary, and then made stable. Once it iswas stable, the detailed information appearsappeared on the page for the entry.
As of January, 2012, vulnerability entry was performed by full-time employees of the OSF. Every new entry included a title, description, solution (if known), classification data, references, products, and creditee.
==Contributors==
* Christian Seifert (Mangler)
* Zain Memon (Codebase)
== Open Security Foundation ==
The Open Security Foundation is a non-profit 501(c)(3) organization established in early 2005 to function as a support organization for [[open source]] security projects. It was originally conceived and founded as a support for the OSVDB project, but its scope is evolving to provide support for numerous other projects.
The foundation allows organizations and individuals to provide charitable contributions to support open source security projects that provide value to the global community. The foundation also provides guidance, legal, administrative, policy guidelines, and other support to numerous projects.<ref>{{cite web|title=Open source vulnerability posts|url=https://www.peerlyst.com/categories/open-source-intelligence-(osint)|publisher=www.peerlyst.com|accessdate=10 June 2016}}</ref>
The Open Security Foundation was conceived by [[Chris Sullo]], Brian Martin, and [[Jake Kouns]] in early 2004, and obtained official US 501(c)3 non-profit status in April 2005.
== References ==
<references />
== External links ==
* [https://blog.osvdb.org/ OSVDB Blog]
* [https://www.riskbasedsecurity.com/ Risk Based Security]
[[Category:Security vulnerability databases]]
| 