Vulnerability data has never been more important than it is today, yet the data is not always machine readable, community updatable, or of an acceptable level of quality and completeness. Due to these problems we are seeing every ecosystem create their own bespoke vulnerability database. Vulnerability data has never been more important, or harder to use.
The Global Security Database is addressing these issues in a way that builds community using the open source model. No one organization can be responsible for vulnerability data, it has to be a community effort with community ownership with a strong OpenSource license. The right way isn’t the GSD way, the right way is the open source way. Everyone from developers, companies, and ecosystems should work together to find solutions that work.
The first step in this journey is to build the vulnerability community. If you are interested in working on data, policy, or tooling, please see the getting started guide and dive in!