OSF Mission
Open Security Foundation is a 501(c)(3) non-profit public organization founded and operated by information security enthusiasts.
We exist to empower all types of organizations by providing knowledge and resources so that they may properly detect, protect, and mitigate information security risks.
We believe that security information and services should be easily accessible for all who have the need for such information and services. We promote open collaboration between companies and individuals, provide unbiased information to uphold educated risk decision-making, and attempt to eliminate the need for redundant works.
OSF Directors and Officers
- Corporate Directors and Officers:
| Chairman / CEO-CFO: | Jake Kouns | President / COO: | Brian Martin |
| Vice-President / CTO: | David Shettler | Secretary / CCO: | Kelly Todd |
OSF Benefits
Leverage industry expertise of OSF members and the security community to provide accurate, detailed and unbiased information about the security of computers, networks, and personally identifying information.
Develop partnerships with security organizations that can gain benefit from OSF data and leverage both organizations' strengths (for example, providing vulnerability scanner users with OSVDB references, which prompts individuals to recognize and use OSVDB, and providing the DataLossDB for open research, which in turn promotes OSF as a recognized leader in breach data).
Areas of focus will include security vulnerabilities, security exploits, security testing information, security best-practices and providing information about the security of personally identifiable information.
Open Security Foundation is looking to sponsor and / or host new projects. Please contact us if you have an idea that you feel would benefit the information security community. All inquiries regarding contributions are welcome.
Open Security Foundation
5518 Olde Hartley Way
Glen Allen, VA 23060
About Open Security Foundation
Open Security Foundation provides independent, accurate, detailed, current, and unbiased security information. Open Security Foundation runs the Open Source Vulnerability Database (OSVDB) and the DataLossDB.
OSVDB's goal is to provide accurate and unbiased information about security vulnerabilities in computerized equipment. The core of OSVDB is a relational database which ties various information about security vulnerabilities into a common, cross-referenced data source. Data is acquired from common security industry sources, entered into the OSVDB database, and cross referenced with existing information.
Latest OSVDB News
| date | author | news |
|---|---|---|
| 2009-06-16 | Time | |
| 2009-04-25 | If You Can't, How Can We? | |
| 2009-04-22 | Open Security Foundation Wins the SC Magazine 2009 Editor's Choice Award | |
| 2009-04-15 | Open Security Foundation at RSA | |
| 2009-02-25 | OSVDB Discussed on Faceoff Podcast | |
| 2009-02-17 | Who discovered the most vulns? | |
| 2008-12-31 | Welcoming in 2009 | |
| 2008-11-20 | No Safety In Numbers | |
| 2008-11-10 | Looking for Volunteer Rails Developers! | |
| 2008-07-31 | OSVDB in Vegas..... |
DataLossDB's goal is to provide accurate and unbiased information about breaches of personally identifying information when lost by or stolen from third parties. DataLossDB is a searchable database that promotes research and the sharing of information by professionals and enthusiasts alike. Data is acquired from verifiable media and government resources and is open for community participation.
Latest DataLossDB Incidents
| Date | Summary |
|---|---|
| 2009-06-30 | Laptop at computer repair shop contains names and Social Security numbers of 6,000 |
| 2009-06-29 | Application Information posted to external website |
| 2009-06-24 | Names, addresses and Social Security numbers of 2,828 on stolen flash drive |
| 2009-06-25 | Hundreds of papers containing names, addresses, Social Security numbers and salary details improperly disposed |
| 2009-06-27 | Stolen server (later recovered) contains Social Security numbers |
| 2009-06-24 | Stolen laptops contained 250,000 names and health numbers |
| 2009-06-23 | Stolen computer containing 45,277 names and Social Security numbers of current and former students, faculty and staff |
| 2009-06-17 | Stolen unencrypted laptop contained 75000 customers account details |
| 2009-06-22 | Unauthorized access by a former employee exposes names, addresses and Social Security numbers of past and present employees |
| 2009-06-16 | Hackers access stores wireless network and steal customers credit and debit card data |