Why Vulnerability Databases Can’t Do Everything

[This was originally published on the OSVDB blog.]


From: Steven M. Christey (coley[at]mitre.org)
Date: Fri Jul 15 2005 – 13:35:52 CDT

Vulnerability databases and notification services have to pore through approximately 100 new public vulnerability reports a week. Correction: that’s HUNDREDS of reports, from diverse and often unproven sources, for about 100 unique vulnerabilities per week.

A LARGE number of vendors and maintainers either:


Leave a Reply