Global Security Database

The Global Security Database (GSD) is a new Working Group project from the Cloud Security Alliance meant to address the gaps in the current vulnerability identifier space.

The world of vulnerability identifiers has changed drastically in the last 20 years while the infrastructure and management of public and private vulnerability data have changed very little. This has created a sizable gap between the current needs of industry and the ability of existing projects to be effective.

What is the GSD?

GSD, or Global Security Database, is meant to be a fast, cooperative, royalty free, and public collection of security information. The project uses the open source model to overcome many of the existing shortcomings of security databases such as being difficult to access, update, and restricted use of the security information. GSD is sponsored by the Cloud Security Alliance, a nonprofit organization, in order to have a neutral home for the project. Anyone is welcome to request new security identifiers, submit updates to existing security identifiers, and contribute ideas to the project.

Joining

There is a mailing list at https://csaurl.org/list-gsd for general and technical discussion.

The CSA Circle Community is available at https://csaurl.org/circle-gsd.

We are also on GitHub at https://github.com/cloudsecurityalliance/gsd-database and https://github.com/cloudsecurityalliance/gsd-project filing issues in gsd-project is a great way to capture anything specific you want to bring up.

Requesting a GSD ID

• To request a single GSD ID please use https://requests.globalsecuritydatabase.org
• To request multiple IDs or setup an integration please contact us, the easiest way to do so and ensure visibility into the process is to file an issue in the gsd-database repo in GitHub
• To get our attention on Twitter please use the hashtag #gsdrequest

Finding and Editing a GSD entry

• To find a GSD simply use the search or if you’re looking for a specific CVE/NVD entry we map GSD id’s to them 1:1 so CVE-2021-44228 is GSD-2021-44228 for example. GSD original content starts in the one million range to ensure there is no overlap with other public databases like CVE.
• To edit a GSD entry simply go to https://edit.globalsecuritydatabase.org/ and enter the GSD ID and hit edit. Please note it’s not fully functional yet, it will file an issue with the updates, we are still working on the robot to process these issues automatically

GSD Quick Links

This list is also accessible via the URL https://csaurl.org/gsd-quick-links.

• About GSD
  • Home Page: https://globalsecuritydatabase.org
  • Join the working group: https://csaurl.org/gsd-landing-page
  • WG Meeting Agenda: https://csaurl.org/gsd-agenda
  • Press mentions: https://globalsecuritydatabase.org/press
• Communication Channels
  • Circle Community (Forums): https://csaurl.org/gsd-circle 
  • Mailing-list: https://csaurl.org/gsd-mailing-list
  • Slack: https://csaurl.org/csa-public-slack #gsd-working-group
• Interact with the data
  • GitHub Repos: https://globalsecuritydatabase.org/repos/
  • Request a GSD: https://requests.globalsecuritydatabase.org/ 
  • Edit a GSD entry: https://edit.globalsecuritydatabase.org/

Working Group Recurring Meetings

The GSD Working Group meets every other Friday, from 9am-10am Pacific (12pm-1pm Eastern). To join, please see the “Virtual Meetings” section on the working group calendar page.