| 1 |
On Friday 26 August 2011 15:22:40 Daniel A. Avelino wrote: |
| 2 |
> > When I think about automation, I had in mind something that could help |
| 3 |
> |
| 4 |
> developers to find |
| 5 |
> vulnerabilities in a more fast way [searching and confronting CVE, for |
| 6 |
> example] and start a |
| 7 |
> "call for solution" process. I work with solutions of this type for WEB |
| 8 |
> vulnerabilities discover |
| 9 |
> and some tools are very interesting to reduce the correction time. |
| 10 |
> |
| 11 |
|
| 12 |
We already use CVE as one of our sources of vulnerability intelligence. |
| 13 |
Finding issues is also not the real issue here. |
| 14 |
Also, actual issue correction is not our job, it's the responsibility of the |
| 15 |
package maintainer. |
| 16 |
|
| 17 |
Can you share details about the utilities you are using? |
| 18 |
|
| 19 |
Alex |
| 20 |
|
| 21 |
-- |
| 22 |
Alex Legler <a3li@g.o> |
| 23 |
Gentoo Security / Ruby |
Archives