thomas.mackenzie at upsploit.com
Wed Aug 25 17:56:11 CDT 2010
Does anyone know a way in which we could get an SQL dump for the Vendors list on OSVDB for upSploit?
On 25 Aug 2010, at 01:50, Jake Kouns wrote:
> Definitely curious to see what happens for sure ... As many already
> know a vuln disclosure portal to help with the process and make
> advisories more mad libs style was a goal of OSVDB and we started work
> on it during the 2006 Google Summer of Code....
> We called it the OSVDB Ethical Disclosure Framework at the time which
> we ultimately abandoned the term ethical for coordinated disclosure.
> This had been one of the projects that we wanted for years and we
> thought it was validated as we were seeing more and more issues with
> the disclosure process!
> We believed all along that OSVDB could be the service that helped to
> improve, streamline and more importantly remove the mystery of the
> breakdowns in the process. OSVDB has been handling one-off disclosures
> for researchers over the past 8 years and it is not an easy task. The
> amount of time it takes to handle a disclosure process is huge. We
> realized early on that a lot of the process needed to be automated in
> order to be successful and repeatable.
> Copied the project info@ on this email so perhaps we can get an update
> from the project team and determine if it makes sense to potentially
> work together and/or integrate with OSVDB.
> On Tue, Aug 24, 2010 at 5:19 PM, security curmudgeon
> <jericho at attrition.org> wrote:
>> On Tue, 24 Aug 2010, Art Manion wrote:
>> : http://www.upsploit.com/
>> : Is this on anyone's radar?
>> We saw it a few weeks back, read the web page and found it interesting.
>> Haven't heard anything about it other than what is there now.
More information about the VIM