Global Security Database (GSD)

Hi all, We're looking for feedback on what endpoints api.gsd.id should support so that we build out what people need instead of what we think people want. We would love your input on the GitHub discussion! Please see: https://github.com/cloudsecurityalliance/gsd-tools/discussions/167 ...

Thank you. Will start there Sent from my iPhone

Hi Randolph, Sorry I didn't see this sooner. A good starting place would be to sign up for the working group here: https://csaurl.org/gsd-signup We're currently working on the tooling, scripts, and onboarding documentation. You can find meetings on ...

Hi All, NIST has published NIST Internal Report (IR) 8409, Measuring the Common Vulnerability Scoring System Base Score Equation. Calculating the severity of information technology vulnerabilities is important for prioritizing vulnerability remediation ...

I don't think these are vulnerabilities per se, but they are definitely sharp edges that clearly most people don't know about. One thought: if there's an "informational" entry, e.g. "python pip will install software, as expected, but can also do so directly ...