We are currently implementing a security log monitoring/auditing application for local law compliance. In our first implementation we used the security event taxonomy proposed by the OpenGroup XDAS working group since the interesting Common Event Expression (http://cee.mitre.org) effort is apparently going nowhere. Are there any other similar open projects/standards we can look at?
A:
The OSVDB is along these same lines. OSVDB is a database of vulnerabilities that traces back to CVE numbers as well as Snort and Nessus IDs.
Snort is a very nice IDS and I highly recommend looking at their database of rules. All of their rule sets trace back to CVE numbers or in some cases to other resources when a CVE number isn't applicable.
Rook
2010-06-04 21:55:53
Thanks, I'll take a look at them.
Alessandro Baldoni
2010-06-05 12:40:00