Global Security Database

Global Security Database

The Global Security Database is a new project from the Cloud Security Alliance meant to address the gaps in the current vulnerability identifier space.

The world of vulnerability identifiers has changed drastically in the last 20 years while the infrastructure and management of public vulnerability data has changed very little. This has created a sizable gap between the current needs of industry and the ability of existing projects to be effective.

The #log4shell (CVE-2021-44228) is a perfect example of this, in the first 3 days there were 5 updates to add some URLs and one update to silently remove some information about Java 8u121, compared to the hundreds of tweets and articles posted online, many of which the GSD entry (GSD-2021-1002352) captures in its data.

For more details on the Global Security Database please see GitHub: https://github.com/cloudsecurityalliance

Joining

The CSA Circle Community is available at https://csaurl.org/circle-gsd.

There is also a mailing list at https://csaurl.org/list-gsd.

GitHub Resources