The VRS provides relevant and timely information on open source vulnerabilities by leveraging data from the
National Vulnerability Database (NVD), a comprehensive cyber security database sponsored by the Department of Homeland Security, run by the National Institute of Standards and Technology, with Common Vulnerability and Exposure (CVE) data from The MITRE Corporation.
This service is being implemented within the National Vulnerability Database (NVD) at NIST, based on Red Hat's recommendation.
Through our work with NIST's National Vulnerability Database, we can now provide official statements about vulnerabilities and their potential impact via a widely recognized mechanism, as well as enable the entire software industry to contribute.
8) Watch for Pre-Announcements -- Monitor security sites for pre-announcements of patches and discussion of vulnerabilities and possible zero-day exploits that they may address from sources such as SANS,
National Vulnerability Database, etc.
Integration with the
National Vulnerability Database, which is based on and synchronized with the MITRE CVE naming standard: this comprehensive cyber security vulnerability database enables customers to better understand how vulnerabilities impact their business and how to fix them as well as the latest threats against their CVEs.
Take a look at the NIST
National Vulnerability Database sometime and you'll see what I mean.
