This shows you the differences between two versions of the page.
|
links [2008/02/21 19:17] kees link to public "how to write code securely" article |
links [2025/11/15 07:31] (current) davidcary |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| Here is a list of other websites with OSS-security-related information (be it articles, tutorials, general information, etc.) | Here is a list of other websites with OSS-security-related information (be it articles, tutorials, general information, etc.) | ||
| - | ===== Websites with security advisory-related information ===== | + | ===== Vulnerability databases and security advisory archives ===== |
| * http://cve.mitre.org - MITRE's CVE (Common Vulnerabilities and Exposures) dictionary | * http://cve.mitre.org - MITRE's CVE (Common Vulnerabilities and Exposures) dictionary | ||
| * http://nvd.nist.gov - NIST's NVD (National Vulnerability Database) | * http://nvd.nist.gov - NIST's NVD (National Vulnerability Database) | ||
| - | * http://www.cert.org - CERT | + | * http://osvdb.org - OSVDB (The Open Source Vulnerability Database) |
| + | * http://www.linuxsecurity.com/content/section/3/170/ - LinuxSecurity.com advisory pages | ||
| + | |||
| + | ===== Organizations handling cross-vendor vulnerabilities and incidents ===== | ||
| + | |||
| + | * http://www.cert.org - CERT (Computer Emergency Response Team) | ||
| + | * http://ocert.org - oCERT (Open Source Computer Emergency Response Team) | ||
| + | |||
| + | **(FIXME There are lots of CERTs, should we list them all?)** | ||
| + | |||
| + | ===== Security-related articles and tutorials ===== | ||
| + | |||
| + | * [[http://www.dwheeler.com/secure-programs/|Secure Programming for Linux and Unix HOWTO]] | ||
| + | * [[http://www.securecoding.cert.org|CERT Secure Coding Standards]] (for C and C++) | ||
| + | * [[http://lars-lab.jpl.nasa.gov/JPL_Coding_Standard_C.pdf|JPL Institutional Coding Standard for the C Programming Language]] | ||
| + | * [[https://www.owasp.org/index.php/Secure_Coding_Principles|OWASP Secure Coding Principles]] | ||
| + | * [[https://cryptocoding.net|Cryptography Coding Standard]] ([[https://cryptocoding.net/index.php/Coding_rules|Coding rules]], [[https://cryptocoding.net/index.php/References|References]]) | ||
| + | * List of automated [[http://www.debian.org/security/audit/tools|Security Auditing Tools]] along with [[http://www.debian.org/security/audit/examples/|Automated Audit Examples]] from the [[http://www.debian.org/security/audit/|Debian Security Audit Project]] | ||
| + | |||
| + | ===== Security-related workgroups ===== | ||
| + | |||
| + | * [[http://kernsec.org/wiki/index.php/Linux_Security_Workgroup|Linux Security Workgroup]] | ||
| + | |||
| + | ===== Security-related wiki websites ===== | ||
| + | |||
| + | * Many security-related wiki are listed at WikiIndex: https://wikiindex.org/w/Category:Security | ||
| - | ===== Websites with security-related articles and tutorials ===== | ||
| - | * [[http://www.dwheeler.com/secure-programs/|Security Programming for Linux and Unix HOWTO]] | ||