The Open Source Vulnerability Database



Via El Reg, the Open Source Vulnerability Database hopes to keep track of security threats with an open source spirit.  They hope that their database will be comprehensive, and pledge to keep the information in that database free and accessable to all.

OSVD is also experimenting with several alternative distribution methods:

An XML-formated version of the database, facilitating automated querying processes, is in the works.

The OSVDB system will also prototype automated posting of vulnerabilities through an RSS-like push mechanism. Subscribers will receive each new vulnerability at the moment it is cleared into the database, and can choose to set customized filters to receive a subset of those records as needed.

These ways of accessing data are great, but why not use RSS too?  It would be great to have vulnerability data show up alongside the other news that I read throughout the day.  I’d also love to see an Atom feed for this data while I’m at it.