Cloud 101
Circle
Events
Blog

Working Group

Global Security Database (GSD)

The mission of this working group is to identify and understand the problems around vulnerability discovery, reporting, publication, tracking, and classification.
View Current Projects
Global Security Database Working Group Charter
Global Security Database Working Group Charter

Download

Global Security Database (GSD)

What is the GSD?

GSD, or Global Security Database, is meant to be a fast, cooperative, royalty free, and public collection of security information. The project uses the open source model to overcome many of the existing shortcomings of security databases such as being difficult to access, update, and restricted use of the security information. GSD is sponsored by the Cloud Security Alliance, a nonprofit organization, in order to have a neutral home for the project. Anyone is welcome to request new security identifiers (https://requests.globalsecuritydatabase.org/), submit updates to existing security identifiers (https://edit.globalsecuritydatabase.org/), and contribute ideas to the project (https://github.com/cloudsecurityalliance/gsd-project/issues).

Working Group Overview
Our working group meets twice a month on Fridays at 9am PT. We welcome anyone who would like to join, even if you would like to just listen-in on your first call.

What do we discuss? 
During our meetings we typically discuss updates to the GSD project, and plan future efforts. This working group meets every other week. 

Drafts & Important Docs

Working Group Leadership

Josh Bressers
Josh Bressers

Josh Bressers

Product Security Technical Lead

Josh Bressers is the Vice President of Security at Anchore. Josh has helped build and manage product security teams for open source projects as well as several organizations. Everything from managing supply chains, vulnerabilities, security development lifecycle, DevSecOps, security product management, security strategy, and nearly any other task that falls under the security umbrella. Josh co-hosts the Open Source Security Podc...

Read more

Kurt Seifried
Kurt Seifried

Kurt Seifried

Chief Blockchain Officer & Director of Special Projects, CSA

For over 2 decades Kurt has been involved in the information security field, starting with Windows and Linux and continuing on to cloud and now Blockchain. With a strong focus on security and privacy Kurt brings a wealth of knowledge and experience to the CSA.

Read more

Publications in ReviewOpen Until
Security Guidance for Critical Areas of Focus in Cloud Computing v5 - OutlineMar 31, 2023
View all
Who can join?

Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.

What is the time commitment?

The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.

Virtual Meetings

Attend our next meeting. You can just listen in to decide if this group is a good for you or you can choose to actively participate. During these calls we discuss current projects, and well as share ideas for new projects. This is a good way to meet the other members of the group. You can view all research meetings here.

Jan

31

Tue, January 31, 9:00am - 10:00am PST
GSD Biweekly Meeting

Feb

14

Tue, February 14, 9:00am - 10:00am PST
GSD Biweekly Meeting

Feb

28

Tue, February 28, 9:00am - 10:00am PST
GSD Biweekly Meeting

Mar

14

Tue, March 14, 9:00am - 10:00am PDT
GSD Biweekly Meeting

Mar

28

Tue, March 28, 9:00am - 10:00am PDT
GSD Biweekly Meeting

Open Peer Reviews

Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.

Learn how to participate in a peer review here.

Security Guidance for Critical Areas of Focus in Cloud Computing v5 - Outline

Open Until: 03/31/2023

The proposed outline for the Cloud Security Alliance Security Guidance for Critical Areas of Focus in Cloud Computing v5 is...