Why Is There No Free Software Vulnerability Database?
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the critical issue of free software vulnerability databases in this 53-minute Linux Foundation conference talk. Delve into the reasons behind the absence of such databases, understand the National Vulnerability Database (NVD), and discover potential solutions. Learn about Package URL, data aggregation techniques, and the proposed data model for vulnerability tracking. Examine the creation process, challenges faced, and future plans for implementing a free software vulnerability database. Gain insights into sustainability concerns and the innovative approach of identifying vulnerabilities using byte signatures. Join Philippe Ombredanne from AboutCode.org and nexB Inc., along with Michael Herzog from nexB Inc., as they address this crucial topic in open-source security.
Syllabus
Introduction
Why is there no free software vulnerability database
What is the NVD
What is a solution
The solution
Package URL
Aggregation
Data Model
Vulnerability Code
Features
Creation
Challenges
Old Data
Future Plans
Sustainability
Identifying with byte signatures
Taught by
Linux Foundation
Tags
Related Courses
Information Security - 5 - Secure Systems EngineeringIndian Institute of Technology Madras via Swayam Reverse Engineering and Exploit Development
Udemy Master the OWASP Top 10
LinkedIn Learning CASP+ Cert Prep: 2 Enterprise Security Architecture
LinkedIn Learning Learning the OWASP Top 10 (2018)
LinkedIn Learning