Loading...
About the OSVDB API
The Open Source Vulnerability Database (OSVDB) is an independent and open source database created by and for the security community. The goal of OSVDB is to provide accurate, detailed, current, and unbiased technical information. By utilizing a wide range of diverse resources, OSVDB brings vulnerability information together in one centralized location, thus reducing the need to access multiple locations for the same information. The database itself is openly available for download, can be cross-referenced by other databases, and is available for integration into security products such as vulnerability scanners and intrusion detection and prevention systems.
Some of the data in a typical OSVDB entry includes date of disclosure, attack type, impact, available solutions, and a list of references to other resources with detailed information about each particular vulnerability. In addition, entries are complimented with vulnerability-specific blog postings from information security bloggers around the globe as well as relevant user comments about a given vulnerability.
With over 40,000 unique vulnerabilities already included in the database,
OSVDB strives to be the most accurate and comprehensive collection of publicly
available vulnerability information. A Wiki-style editing format allows
for quick and efficient updates which can constantly be revisted, and a team
of experienced moderators review all changes for quality and accuracy
before information is released to the public. Companies can benefit from
integrating OSVDB into their services by receiving increased visibility in the
security industry as well as receiving acknowledged contribution to a
community project.
Cross-referencing and integrating with OSVDB is easy via its new application programming interface (API), which can provide multiple result formats to fit various needs. Queries can be run against any number of correlation factors, including CVE ID, Microsoft Bulletin ID, Bugtraq ID, and a host of other common reference points. The API is also under constant development, and suggestions for improvements are quickly and easily implemented by the OSVDB development team.
Vendors and products currently using OSVDB as a resource include:
Integrators can also choose to provide OSVDB with a list of filters and/or rules from their products for us to cross-reference by CVE or other reference points for inclusion in our "Tools and Filters" section. This section lists vendors which provide protection against a specific vulnerability, and can link off to the vendor's website, or to detailed documentation about your filter.
See http://osvdb.org/40229 for an example detailing Nessus rules in the Tools & Filters section for a given vulnerability. Inclusion in the Tools & Filters section benefits the community of visitors that utilize OSVDB, as well as the vendors themselves in terms of visibility.
For more information regarding the use and integration of OSVDB into a project
or product, please email , visit the API documentation, or fill out the integration information request form.
