Merge pull request #1753 from blackducksoftware/OTWO-7127
OTWO-7127 Added BDSA landing page
Showing 8 changed files with 31 additions and 3 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
.search-container | ||
.landing | ||
%span.fa | ||
%p Black Duck Security Advisories (BDSAs) are a Black Duck-exclusive vulnerability data feed sourced and curated by our Cybersecurity Research Center (CyRC). BDSAs offer deeper coverage for a wide set of vulnerabilities than is available through the National Vulnerability Database (NVD). While providing more timely and detailed vulnerability insights, including severity, impact and exploitability metrics. BDSAs also provide actionable remediation guidance to save time by providing details on fixed versions, patch information, exploits, and workarounds where available. | ||
%p The CyRC team provide detailed vulnerability guidance over beyond what the NVD typically provide in CVE records. BDSA are also cross-checked and validated against possibly affected component versions this often results in additional and more accurate mappings for components and versions affected by a given vulnerability. | ||
%p Where a BDSA has not been mapped to a component version which is mapped to a CVE record this indicates that the COSRI's team additional research has determined that this component version is not affected by the vulnerability. BDSAs are frequently reviewed and updated often on an hourly basis in the event of a new zero day vulnerability. | ||
%p The NVD CVE records are typically not cross-checked nor does the NVD verify vulnerability data published or provided from 3rd parties. The NVD are typically slower to update their records when new vulnerabilities or data becomes available. | ||
%p BDSA records should not be considered separate vulnerabilities from CVE records or other publicly available vulnerability data sources but instead viewed as additional research and insights which users can use to make better decisions, faster with regard to open source security vulnerabilities. |
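Review bot: The third %p credits "the COSRI's team additional research", while the first %p introduces the group as "Cybersecurity Research Center (CyRC)" and the second says "The CyRC team"; use one name throughout so readers do not take these for two different teams. The copy also needs a proofreading pass before it ships: in the first %p, "While providing more timely and detailed vulnerability insights, including severity, impact and exploitability metrics." is a sentence fragment that should be joined to the preceding sentence, and the second %p has "over beyond" and a run-on at "component versions this often results". Separately, `%span.fa` carries no icon class and no content, so it renders as an empty span; either add the intended icon class or drop the element.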