Scope on Application Vulnerability Description Language
by Berislav Kucan - Thursday, 25 November 2004.
The Application Vulnerability Description Language (AVDL) is a rather new security interoperability standard within the Organization for the Advancement of Structured Information Standards (OASIS) that was first proposed in April 2003 by several leaders within the application security space. AVDL creates a uniform way of describing application security vulnerabilities using XML.
Caleb Sima, SPI Dynamics CTO, talks to Help Net Security about this interesting web application security topic. Some of the questions you can get answers to by listening to the audio include:
When and why was AVDL introduced
Who should care about AVDL
Is there a need for similiar concepts or AVDL is the thing
What vendors participate in AVDL
Would other vendors benefit from participating in AVDL
Is AVDL a success at this point
The audio session is 8:17 minutes long and is streamed in Flash format. If you can't see the controls below, download Flash here.
Posted on 23 October 2014. | Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.
Posted on 22 October 2014. | A new Windows zero-day vulnerability is being actively exploited in the wild and is primarily a risk to users on servers and workstations that open documents with embedded OLE objects.
Posted on 21 October 2014. | Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach.
Posted on 15 October 2014. | Lynis unearths vulnerabilities, configuration errors, and provides tips for system hardening. It is written in shell script, installation is not required and can be performed with a privileged or non-privileged account.