Most Popular
Security-Database now mapping alerts with CWE/SANS Top 25
The 2009 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most significant programming errors that can lead to serious software vulnerabilities. They occur frequently, are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.
Security-Database integrates CAPEC v1.5
Common Attack Pattern Enumeration and Classification (CAPEC) provides a publicly available catalog of attack patterns along with a comprehensive schema and classification taxonomy. CAPEC helps enhance security throughout the software development lifecycle and supports the needs of developers, testers and educators.
CWE/SANS Top 25 list updated to v1.0.3
The 2009 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most significant programming errors that can lead to serious software vulnerabilities. They occur frequently, are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.
Seccubus v1.4.1 released
Seccubus automates regular vulnerability scans with Nessus and OpenVAS and provides delta reporting.
Security-Database Vulnerability Dashboard updates
Security-Database IT Vulnerability & Threats Dashboard allows readers and other security professionals to visualize, in a granular manner, the evolution of the attacks and the list of vulnerabilities for each product. We use worldwide references as well as CVE, CVSS, OVAL and CWE, which guarantee trustworthy and real information that complies with the standards.
AutoNessus v1.3.2 released
AutoNessus automates regular Nessus scans and provides delta reporting.
The goal is to reduce the analysis time for subsequent scans of the same infrastructure by only reporting delta findings.
CWE/SANS Top 25 Most Dangerous Programming Errors
The 2009 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most significant programming errors that can lead to serious software vulnerabilities. They occur frequently, are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.
CVSS V2.0 Web based calculator released
CVSS stands for Common Vulnerability Scoring System. It helps score the severity of vulnerabilities and determine the urgency of response and patch management. For more advanced information about CVSS scoring metrics, please refer to http://www.first.org/cvss/.
CCWAPSS Methodology updated to v1.1
CCWAPSS (Common Criteria Web Application Security Scoring) is a comprehensive security scoring methodology dedicated to web application pentests.
This scale aims to share a common, open and documented evaluation methodology between security auditors and end customers.
Focus on CCWAPSS Web Application Scoring Scale Version 1.0
A friend of mine, Frederic Charpentier (senior security consultant), developed a good new web application scoring scale called CCWAPSS. CCWAPSS stands for Common Criteria Web Application Security and it aims to share a common evaluation method for web application security assessments/pentests between security auditors and final customers.
CVSS (Common Vulnerability Scoring System) Version 2.0 released
The Common Vulnerability Scoring System (CVSS) provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. CVSS consists of 3 groups: Base, Temporal and Environmental.