Circle
Events
Blog

Global Security Database (GSD)

Join Group
Join this working group
Global Security Database (GSD)
Given the increase in successful attacks against all forms of IT infrastructure, it has become obvious that current efforts to track vulnerabilities using vulnerability identifiers has reached its limit. Identifiers need to be easily discovered, fast to assign, updatable, and publicly available. The number of vulnerabilities is growing faster than we are currently able to track them.

With the proliferation of open source usage in services and commercial software, the requirements for vulnerability identifiers have changed. The need for increased scope of coverage, deeper reporting and information, and reduced latency are now requirements. Everyone in IT is building and consuming software in unique ways, there is no one single way in our modern infrastructure; any attempt at a one-size-fits-all is doomed to failure.

You can learn more about why this group was created in this blog from Cloud Security Alliance’s Founder and CEO, Jim Reavis.

As an industry, we need to start talking about how to solve this problem. One way you can do this is by joining our mailing list at https://csaurl.org/list-uvi. We also would like to encourage you to get the conversation started by sharing any questions or ideas you have for this project in the Global Security Database (GSD) Community on Circle.

Related Github resources:

Global Security Database (GSD)

The mission of this working group is to identify and understand the problems around vulnerability discovery, reporting, publication, tracking, and classification.

Next Meeting

Jan 18, 2022, 10:00AM PST
Join the Meeting



Working Group Leadership

Josh Bressers Headshot
Josh Bressers
Josh Bressers

Product Security Technical Lead

Josh Bressers is the Vice President of Security at Anchore. Josh has helped build and manage product security teams for open source projects as well as several organizations. Everything from managing supply chains, vulnerabilities, security development lifecycle, DevSecOps, security product management, security strategy, and nearly any other task that falls under the security umbrella. Josh co-hosts the Open Source Security Podc...

Read more

Kurt Seifried Headshot
Kurt Seifried
Kurt Seifried

Chief Blockchain Officer, Director of Special Projects, CSA

For over 2 decades Kurt has been involved in the information security field, starting with Windows and Linux and continuing on to cloud and now Blockchain. With a strong focus on security and privacy Kurt brings a wealth of knowledge and experience to the CSA.

Read more

Join this working group