NIST, DHS add national vulnerability database to mix

NIST, DHS add national vulnerability database to mix
Robert Lemos, SecurityFocus 2005-08-12

The National Institute of Standards and Technology and the Department of Homeland Security took the wraps off the National Vulnerability Database this week, but questions still remain whether the federal initiative improves upon existing databases or just adds another choice to the current collections of flaws.

Colapse all | Post comment

What a total waste of federal funds!!! 2005-08-12
Age (1 replies)

There are already a good number of vulnerability databases. The big two that come to mind initially are

ISS X-Force Database http://xforce.iss.net/xforce/search.php

and the OSVDB

http://www.osvdb.org/

I've read both of them over and they are far superior to the NVD. They also reference CVEs. T...

[ more ] [ reply ]

Re: What a total waste of federal funds!!! 2005-08-16
Certified Security Professional (1 replies)

And the point of your statement is?

If you understood the simple fact that the databases you mention are maintained by organizations that have no obligations to meet any standards whatsoever, you would see the requirement of Government to support this initiative. Those organizations can manipulat...

[ more ] [ reply ]

Re: Re: What a total waste of federal funds!!! 2005-08-19
Age

The point of my statement is quite simple. We already have mature vulnerability databases in the form of the OSVDB & ISS X-Force Database. Both databases are peer reviewed, and are open for comment. Both are superior to the NVD.

The OSVDB is ran by several security professionals from the elite...

[ more ] [ reply ]

Poker Rating 2006-01-28
Alex

Badly with scripts. Not the convenient interface. And so a site interesting and useful. Has come, was surprised with quantity of the information. Has added in the selected works, and I suggest you to exchange references. In advance thanks, write...

[ more ] [ reply ]