Josh Bressers on Nostr: OK #vulnerability nerds With the current state of #NVD, there is a need to fill the ...
OK #vulnerability nerds
With the current state of #NVD, there is a need to fill the gap right now. It's expected that anything new happening is going to take months or years, which is longer than the world can wait
Anchore has an open source project we're currently calling "NVD Data Overrides" (naming things is hard)
https://github.com/anchore/nvd-data-overrides/
We're working on adding the same type of thing NVD used to do to the #CVE data. The data is licensed CC0, anyone can use it for anything.
The data repo currently has over 500 enriched IDs (there's a lot more to do, but this is how it starts).
If you're interested in this sort of thing please come help. The vulnerability world is now so big we need to cooperate the same way open source works, nobody can do this alone anymore
With the current state of #NVD, there is a need to fill the gap right now. It's expected that anything new happening is going to take months or years, which is longer than the world can wait
Anchore has an open source project we're currently calling "NVD Data Overrides" (naming things is hard)
https://github.com/anchore/nvd-data-overrides/
We're working on adding the same type of thing NVD used to do to the #CVE data. The data is licensed CC0, anyone can use it for anything.
The data repo currently has over 500 enriched IDs (there's a lot more to do, but this is how it starts).
If you're interested in this sort of thing please come help. The vulnerability world is now so big we need to cooperate the same way open source works, nobody can do this alone anymore