lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu Jan 26 10:23:35 2006
From: jkouns at opensecurityfoundation.org (jkouns)
Subject: OSVDB - 2005 Recap and Status Update

OSVDB - 2005 Recap and Status Update

The Open Source Vulnerability Database (OSVDB), a project to catalog and 
describe the world's security vulnerabilities, has had a challenging yet 
successful year. The project is fortunate to have the continued support 
of some devoted volunteers, yet remains challenged to keep up with the 
increasing number of vulnerability reports, as well as work on the 
back-log of historical information. Volunteers are continually sought to 
help us achieve our short and long-term goals.

Despite resource constraints, there have been many exciting successes in 
2005:

* A major project goal of obtaining 501(c)3 non-profit status from the 
U.S. IRS was achieved. Obtaining non-profit status was critical to the 
long-term viability of the project.  This status allows OSVDB to take 
charitable donations to help cover operating expenses, while providing a 
tax benefit to donor companies and individuals.

* The vulnerability database has grown to over 22,000 entries thanks to 
the dedicated work of Brian Martin, OSVDB Content Manager. At the end of 
December, over 10,000 of those vulnerabilities were worked on by 
volunteers to provide more detailed and cross-referenced information. 
Our volunteer "Data Manglers" and Brian have helped ensure OSVDB is the 
most complete resource for vulnerability information on the Internet.

* OSVDB started a blog in April, as a way for us to keep the public 
better informed on the project's status.  Very quickly we realized the 
blog was a perfect place to discuss and comment on various aspects of 
vulnerabilities, and has become a successful mechanism for communicating 
with the security industry. If you have suggestions for topics, or would 
like to join the discussion, please visit the OSVDB blog at: 
http://osvdb.org/blog/.

* We are pleased to welcome Kevin Johnson as leader of the OSVDB 
development team. Kevin joins OSVDB with a strong background in 
information security, and as leader of the BASE project, has a proven 
track-record managing open source teams.  We are very excited about 
Kevin joining the project, and hope to provide more information soon 
regarding the OSVDB development road map.  If you are interested in 
becoming a part of the new OSVDB development team, please contact us!

We would like to also recognize our sponsors and thank them for their 
support. Digital Defense, Churchill & Harriman, Audit My PC, and 
Opengear have all provided important resources to OSVDB over the past 
year. We would also like to thank Renaud Deraison of the Nessus Project 
and HD Moore of the Metasploit Project for their support. Lastly, we of 
course want to thank our volunteers, and note that several of them have 
contributed to Nessus Network Auditing, available from Syngress Publishing.

We are very pleased with the progress and growth of OSVDB over the past 
year, but do not want to downplay the importance of recruiting new 
volunteers, as well as retaining our current ones, in order to get 
through the considerable back-log of vulnerabilities that need further 
work. This task is daunting, but will not only help retain valuable 
historical vulnerability information, but will also allow OSVDB to 
generate meaningful statistics for past and current years.

We have had a great year, and are looking forward to another one! We are 
of course still seeking assistance to help keep OSVDB successful--the 
project has many ideas in need of financial and volunteer support to 
implement.  For more information on supporting OSVDB through 
volunteering or sponsorship, please contact moderators@...db.org.

Sponsors/References:

Audit My PC: http://www.auditmypc.com/
Churchill & Harriman: http://www.chus.com/
Digital Defense: http://www.digitaldefense.net/
Opengear: http://www.opengear.com/
Nessus Network Auditing: http://www.syngress.com/catalog/?pid=2850

###

More Information:

Jake Kouns
Open Source Vulnerability Database Project
+1.804.306.8412
jkouns@...db.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ