[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Sources: Full and Partial Coverage

On Tue, 8 May 2012, Steven M. Christey wrote:

: Tim and Brian,
: 
: EDB at least has a field that states whether they've independently 
: verified each issue or not, and it is very commonly referenced, so 
: that's one reason it has more focus than the others.  We do pick up 
: Packet Storm on a fairly regular basis.  We have not examined whether 
: inj3ct0r provides any additional or significant value, or any of the 
: dozens of similar vulnerability databases across the Internet.  The 
: commonality between all these sources increases the workload 
: significantly, so it had evolved (at least to the point of this Board 
: discussion) to more closely watch Exploit-DB than the others.

That is why I would argue for EDB. They have a vetting process in place, 
are quick to remove duplicate or bogus entries, etc. On the other hand, PS 
beats them by volume, but also has a high rate of junk entries (i.e. 
incorrect, very hard to understand, etc). I haven't done a real comparison 
with inj3ct0r, but my quick assessment is there is mostly overlap between 
PS / EDB.

Overall, I agree with the board's decision on EDB.
Page Last Updated or Reviewed: November 06, 2012