Security Information Provider (SIP)
Security Information Providers (SIP) are the entities that monitor the security
(and insecurity) scene. Nowadays, an exploit that is published or spreading will
be analyzed quickly and result in a disclosure of the corresponding
vulnerability (e.g. a security advisory). The disclosure contains important
technical and risk information that helps the public assess their individual
risk and plan countermeasures. This also works the other way around:
disclosed vulnerabilities are analyzed by blackhats, and exploits follow
quickly.
Source for the disclosure date
- x-axis: time from 1996 to 2007
- y-axis: number of disclosed vulnerabilities per day from 0 to 50 (cutoff)
To select a source for the disclosure date, we analyzed the disclosure dates
published by the following security information providers: CERT, FrSirt,
IBM ISS X-Force, Secunia, and SecurityFocus. These are the most referenced
security information providers in the National Vulnerability Database (NVD)
and Common Vulnerabilities and Exposures (CVE) databases. The following plots
depict the number of security vulnerabilities disclosed by the respective
Security Information Provider for the period 1996 to 2007.