change some wording
This commit is contained in:
parent
e9bcf0b9fb
commit
24c474d5df
1 changed files with 1 additions and 1 deletions
|
@ -24,7 +24,7 @@ This can be thought of as a machine-readable security advisory. There is alot of
|
||||||
#### Package-url (PURL)
|
#### Package-url (PURL)
|
||||||
CPE has its limitations and [package-url](https://github.com/package-url/purl-spec) can be an open standard that can improve upon it, or a better way to probably think about it is a way to supplement/enhance on top of CPE. It was vetted by some of the people who wrote HTTP and its a url. A great introduction to it can be found [here](https://www.youtube.com/watch?v=qtl0xA1eVPM)
|
CPE has its limitations and [package-url](https://github.com/package-url/purl-spec) can be an open standard that can improve upon it, or a better way to probably think about it is a way to supplement/enhance on top of CPE. It was vetted by some of the people who wrote HTTP and its a url. A great introduction to it can be found [here](https://www.youtube.com/watch?v=qtl0xA1eVPM)
|
||||||
#### Open Source Vulnerability Database
|
#### Open Source Vulnerability Database
|
||||||
[osv.dev](osv.dev) This database is super awesome and they have a great [schema](https://ossf.github.io/osv-schema/). I am going to start contributing to this database to help strengthen the ecosystem further. By having this database be open source, all of the companies and vendors can finally start to work together and we can work at a pace that each individual is comfortable at. I think alot more work can get done this way and we can build a great vulnerability database together out in the open. Everyone will benefit from this. It uses PURL package-urls instead of CPEs and goes directly to the advisory if their is a machine readable version. The more advisories that can get converted to this schema format, the quicker this database can get adapted across the entire security ecosystem so everybody is not all solving the same solution for no reason. We all want the same thing, to secure the systems, and this is a great way to approach it.
|
[osv.dev](osv.dev) This database is super awesome and they have a great [schema](https://ossf.github.io/osv-schema/). I am going to start contributing to this database to help strengthen the ecosystem further. By having this database be open source, all of the companies and vendors can finally start to work together and we can work at a pace that each individual is comfortable at. I think alot more work can get done this way and we can build a great vulnerability database together out in the open. Everyone will benefit from this. It uses PURL package-urls instead of CPEs and goes directly to the advisory if their is a machine readable version. The more advisories that can get converted to this schema format, the quicker this database can get adapted across the entire security ecosystem so everybody is not all solving the same solution in their own closed ecosystems. We all want the same thing, to secure the systems, and this is a great way to approach it.
|
||||||
#### Vulnerability Scanners
|
#### Vulnerability Scanners
|
||||||
I did not see much on Microsoft based scanners, other than the Microsoft booth who were marketing their Endpoint software. Which for Windows based stuff works great, but I have also recently learned that it does work well for Linux based systems too. Overall the Microsoft vuln scanner is really good and I would love to get it in an enviroment to test it out further.
|
I did not see much on Microsoft based scanners, other than the Microsoft booth who were marketing their Endpoint software. Which for Windows based stuff works great, but I have also recently learned that it does work well for Linux based systems too. Overall the Microsoft vuln scanner is really good and I would love to get it in an enviroment to test it out further.
|
||||||
- [Grype](https://github.com/anchore/grype): Go based. Container and filesystem scanner. Works great with SBOMS. Kind of takes its input from SYFT SBOMS. Similiar to Trivy. I will be reading much of the source code to learn Go and understand more about how to do SBOMs.
|
- [Grype](https://github.com/anchore/grype): Go based. Container and filesystem scanner. Works great with SBOMS. Kind of takes its input from SYFT SBOMS. Similiar to Trivy. I will be reading much of the source code to learn Go and understand more about how to do SBOMs.
|
||||||
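Review bot: The wording change in the osv.dev paragraph ("for no reason" to "in their own closed ecosystems") leaves several spelling errors on the same line untouched; since the line is already being rewritten, fix "their is a machine readable version" to "there is a machine-readable version" and "alot" to "a lot" in the same commit. The link `[osv.dev](osv.dev)` on that line also has no scheme, so Markdown renderers will treat it as a relative path from the current page rather than an external link; use `[osv.dev](https://osv.dev)`. The surrounding context lines in this hunk carry the same class of typos ("its a url" should be "it's a URL", "enviroment", "Similiar"), which a follow-up wording commit should pick up as well.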