Global Security Database (GSD)

 View Only

Latest Publications

Keeping up with log4shell aka CVE-2021-44228 aka the log4j version 2

+ Released: December 16, 2021

Got Vulnerability? Cloud Security Alliance Wants to Identify It

+ Released: July 15, 2021

Publications In Development

GSD Working Group Charter

Peer Review/ Design


Latest Discussion Posts

  • A quick reminder that there is no meeting next week on Monday, July 4th. We will be sending out a doodle poll in the near future to pick a new meeting time for folks as well. Thanks all! ------------------------------ Josh Buker Research Analyst ...

  • Profile Picture

    No meeting June 20th

    Hi all, This week's meeting is cancelled, as there are some time conflicts as well as the observed holiday. However, Josh Bressers and I will be presenting on GSD at the Linux Foundation's Open Source Summit later this week! Thanks all, ...

  • One option would be to support the OWASP CycloneDX standard. Technically, it's a Bill of Materials (BOM) format, however, it also supports Bill of Vulnerabilities, Advisory, and VEX format. We bill it as a "modern standard for the software supply chain". ...

  • While I think interoperability with existing formats is valuable, we should not restrict or limit the functionality to only the existing challenge areas (which have gotten us here in the first place). That being said, (and rereading this thread), I'm ...

  • I'm not sure I agree, but I would welcome some examples so we can better discuss this. Thanks. ------------------------------ Kurt Seifried Chief Blockchain Officer and Director of Special Projects Cloud Security Alliance [email protected] ...

Latest Shared Files

Current Members
91 Members
community Admin
community Moderator
community Leadership
community Admin
community Moderator
community Leadership